Moderate: freerdp security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:16019", "synopsis": "Moderate: freerdp security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for freerdp.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.\n\nSecurity Fix(es):\n\n* freerdp: FreeRDP: Denial of service due to use-after-free vulnerability (CVE-2026-25952)\n\n* freerdp: FreeRDP: Denial of Service via double free vulnerability during disconnect (CVE-2026-26986)\n\n* freerdp: FreeRDP: Denial of Service via endless blocking loop in Stream_EnsureCapacity (CVE-2026-27951)\n\n* freerdp: FreeRDP has a heap-buffer-overflow in bitmap_cache_put via OOB cacheId (CVE-2026-29775)\n\n* freerdp: FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks (CVE-2026-31885)\n\n* freerdp: FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0 (CVE-2026-31884)\n\n* freerdp: FreeRDP: Denial of Service via crafted audio data in RDP (CVE-2026-31883)\n\n* FreeRDP: FreeRDP: Information disclosure via heap memory out of bounds read (CVE-2026-33985)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2442768", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442768", "description": ""}, {"ticket": "2442782", "sourceBy": "Red Hat", "sourceLink": 
"https://bugzilla.redhat.com/show_bug.cgi?id=2442782", "description": ""}, {"ticket":"2442783", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2442783", "description": ""}, {"ticket": "2447379", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2447379", "description": ""}, {"ticket": "2447383", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2447383", "description": ""}, {"ticket": "2447385", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2447385", "description": ""}, {"ticket": "2447386", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2447386", "description": ""}, {"ticket": "2453217", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2453217", "description": ""}], "cves": [{"name": "CVE-2026-25952", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25952", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H", "cvss3BaseScore": "6.4", "cwe": "CWE-825"}, {"name": "CVE-2026-26986", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26986", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "cvss3BaseScore": "5.3", "cwe": "CWE-825"}, {"name": "CVE-2026-27951", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27951", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "5.9", "cwe": "CWE-190"}, {"name": "CVE-2026-29775", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-29775", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "cvss3BaseScore": "5.3", "cwe": "CWE-787"}, {"name": "CVE-2026-31883", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31883", 
"cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "cvss3BaseScore": "7.3", "cwe": "CWE-191"}, {"name": "CVE-2026-31884", "sourceBy":"MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31884", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "cvss3BaseScore": "6.5", "cwe": "CWE-369"}, {"name": "CVE-2026-31885", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31885", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "cvss3BaseScore": "6.5", "cwe": "CWE-125"}, {"name": "CVE-2026-33985", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33985", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "cvss3BaseScore": "5.3", "cwe": "CWE-125"}], "references": [], "publishedAt": "2026-05-13T06:00:58.478905Z", "rpms": {"Rocky Linux 8": {"nvras": ["freerdp-2:2.11.7-9.el8_10.aarch64.rpm", "freerdp-2:2.11.7-9.el8_10.src.rpm", "freerdp-2:2.11.7-9.el8_10.x86_64.rpm", "freerdp-debuginfo-2:2.11.7-9.el8_10.aarch64.rpm", "freerdp-debuginfo-2:2.11.7-9.el8_10.i686.rpm", "freerdp-debuginfo-2:2.11.7-9.el8_10.x86_64.rpm", "freerdp-debugsource-2:2.11.7-9.el8_10.aarch64.rpm", "freerdp-debugsource-2:2.11.7-9.el8_10.i686.rpm", "freerdp-debugsource-2:2.11.7-9.el8_10.x86_64.rpm", "freerdp-devel-2:2.11.7-9.el8_10.aarch64.rpm", "freerdp-devel-2:2.11.7-9.el8_10.i686.rpm", "freerdp-devel-2:2.11.7-9.el8_10.x86_64.rpm", "freerdp-libs-2:2.11.7-9.el8_10.aarch64.rpm", "freerdp-libs-2:2.11.7-9.el8_10.i686.rpm", "freerdp-libs-2:2.11.7-9.el8_10.x86_64.rpm", "freerdp-libs-debuginfo-2:2.11.7-9.el8_10.aarch64.rpm", "freerdp-libs-debuginfo-2:2.11.7-9.el8_10.i686.rpm", "freerdp-libs-debuginfo-2:2.11.7-9.el8_10.x86_64.rpm", "libwinpr-2:2.11.7-9.el8_10.aarch64.rpm", "libwinpr-2:2.11.7-9.el8_10.i686.rpm", "libwinpr-2:2.11.7-9.el8_10.x86_64.rpm", "libwinpr-debuginfo-2:2.11.7-9.el8_10.aarch64.rpm", 
"libwinpr-debuginfo-2:2.11.7-9.el8_10.i686.rpm", "libwinpr-debuginfo-2:2.11.7-9.el8_10.x86_64.rpm", "libwinpr-devel-2:2.11.7-9.el8_10.aarch64.rpm", "libwinpr-devel-2:2.11.7-9.el8_10.i686.rpm","libwinpr-devel-2:2.11.7-9.el8_10.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Freerdp security update for Rocky Linux 8 addressing several denial of service issues and other vulnerabilities.. Rocky Linux Freerdp Update, Security Fixes, Freerdp Denial of Service. . LinuxSecurity.com Team
An update that solves two vulnerabilities and has two fixes can now be installed.. # Security update for sqlite3 Announcement ID: SUSE-SU-2026:21095-1 Release Date: 2026-04-10T19:09:48Z Rating: moderate References: * bsc#1248586 * bsc#1252217 * bsc#1254670 * bsc#1259619 Cross-References: * CVE-2025-70873 * CVE-2025-7709 CVSS scores: * CVE-2025-70873 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-70873 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2025-70873 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-7709 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:A/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-7709 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-7709 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:A/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Micro 6.2 An update that solves two vulnerabilities and has two fixes can now be installed. ## Description: This update for sqlite3 fixes the following issues: Update sqlite3 to version 3.51.3: Security issues: * CVE-2025-7709: Integer Overflow in FTS5 Extension (bsc#1254670). * CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation (bsc#1259619). Non security issue: * sqlite3 won't build when using --with icu (bsc#1248586). Changelog: Update to version 3.51.3: * Fix the WAL-reset database corruption bug: https://sqlite.org/wal.html#walresetbug * Other minor bug fixes. Update to version 3.51.2: * Fix an obscure deadlock in the new broken-posix-lock detection logic. * Fix multiple problems in the EXISTS-to-JOIN optimization. 
Update to version 3.51.1: * Fix incorrect results from nested EXISTS queries caused by the optimization in item 6b in the 3.51.0 release. * Fix a latent bug in fts5vocab virtual table, exposed by new optimizations in the 3.51.0 release Update to version 3.51.0: * New macros in sqlite3.h: \- SQLITE_SCM_BRANCH -> the name of the branch from which the source code is taken. \- SQLITE_SCM_TAGS -> space-separated list of tags on the source code check-in. \- SQLITE_SCM_DATETIME -> ISO-8601 date and time of the source * Two new JSON functions, jsonb_each() and jsonb_tree() work the same as the existing json_each() and json_tree() functions except that they return JSONB for the "value" column when the "type" is 'array' or 'object'. * The carray and percentile extensions are now built into the amalgamation, though they are disabled by default and must be activated at compile-time using the -DSQLITE_ENABLE_CARRAY and/or -DSQLITE_ENABLE_PERCENTILE options, respectively. * Enhancements to TCL Interface: \- Add the -asdict flag to the eval command to have it set the row data as a dict instead of an array. \- User-defined functions may now break to return an SQL NULL. * CLI enhancements: \- Increase the precision of ".timer" to microseconds. \- Enhance the "box" and "column" formatting modes to deal with double-wide characters. \- The ".imposter" command provides read-only imposter tables that work with VACUUM and do not require the --unsafe-testing option. \- Add the --ifexists option to the CLI command-line option and to the .open command. \- Limit columns widths set by the ".width" command to 30,000 or less, as there is not good reason to have wider columns, but supporting wider columns provides opportunity to malefactors. * Performance enhancements: \- Use fewer CPU cycles to commit a read transaction. \- Early detection of joins that return no rows due to one or more of the tables containing no rows. 
\- Avoid evaluation of scalar subqueries if the result of the subquery does not change the result of the overall expression. \- Faster window function queries when using "BETWEEN :x FOLLOWING AND :y FOLLOWING" with a large :y. * Add the PRAGMA wal_checkpoint=NOOP; command and the SQLITE_CHECKPOINT_NOOP argument for sqlite3_wal_checkpoint_v2(). * Add the sqlite3_set_errmsg() API for use by extensions. * Add the sqlite3_db_status64() API, which works just like the existing sqlite3_db_status() API except that it returns 64-bit results. * Add the SQLITE_DBSTATUS_TEMPBUF_SPILL option to the sqlite3_db_status() and sqlite3_db_status64() interfaces. * In the session extension add the sqlite3changeset_apply_v3() interface. * For the built-in printf() and the format() SQL function, omit the leading '-' from negative floating point numbers if the '+' flag is omitted and the "#" flag is present and all displayed digits are '0'. Use '%#f' or similar to avoid outputs like '-0.00' and instead show just '0.00'. * Improved error messages generated by FTS5. * Enforce STRICT typing on computed columns. * Improved support for VxWorks * JavaScript/WASM now supports 64-bit WASM. The canonical builds continue to be 32-bit but creating one's own 64-bit build is now as simple as running "make". * Improved resistance to database corruption caused by an application breaking Posix advisory locks using close(). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-529=1 ## Package List: * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * sqlite3-debugsource-3.51.3-160000.1.1 * sqlite3-debuginfo-3.51.3-160000.1.1 * libsqlite3-0-debuginfo-3.51.3-160000.1.1 * libsqlite3-0-3.51.3-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-70873.html * https://www.suse.com/security/cve/CVE-2025-7709.html * https://bugzilla.suse.com/show_bug.cgi?id=1248586 * https://bugzilla.suse.com/show_bug.cgi?id=1252217 * https://bugzilla.suse.com/show_bug.cgi?id=1254670 * https://bugzilla.suse.com/show_bug.cgi?id=1259619 . Update for sqlite3 addresses two moderate issues with integer overflow and memory disclosure in SUSE Linux Micro.. SQLite Security Update, Moderate Vulnerabilities, SUSE Linux Micro, sqlite3 Fixed Issues, Integer Overflow Exploit. . LinuxSecurity.com Team
An update that solves two vulnerabilities can now be installed.. # Security update for sqlite3 Announcement ID: SUSE-SU-2026:1065-1 Release Date: 2026-03-26T10:38:35Z Rating: moderate References: * bsc#1254670 * bsc#1259619 Cross-References: * CVE-2025-70873 * CVE-2025-7709 CVSS scores: * CVE-2025-70873 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-70873 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2025-70873 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-7709 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:A/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-7709 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-7709 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:A/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for sqlite3 fixes the following issues: Update sqlite3 to 3.51.3: * CVE-2025-7709: Integer Overflow in FTS5 Extension (bsc#1254670). * CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation (bsc#1259619). 
Changelog: * Fix the WAL-reset database corruption bug: https://sqlite.org/wal.html#walresetbug ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-1065=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-1065=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-1065=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-1065=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-1065=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-1065=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1065=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-1065=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-1065=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * sqlite3-debugsource-3.51.3-150000.3.39.1 * sqlite3-3.51.3-150000.3.39.1 * sqlite3-tcl-3.51.3-150000.3.39.1 * libsqlite3-0-debuginfo-3.51.3-150000.3.39.1 * libsqlite3-0-3.51.3-150000.3.39.1 * sqlite3-debuginfo-3.51.3-150000.3.39.1 * sqlite3-tcl-debuginfo-3.51.3-150000.3.39.1 * sqlite3-devel-3.51.3-150000.3.39.1 * openSUSE Leap 15.6 (x86_64) * libsqlite3-0-32bit-debuginfo-3.51.3-150000.3.39.1 * libsqlite3-0-32bit-3.51.3-150000.3.39.1 * openSUSE Leap 15.6 (noarch) * sqlite3-doc-3.51.3-150000.3.39.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * sqlite3-debugsource-3.51.3-150000.3.39.1 * sqlite3-tcl-3.51.3-150000.3.39.1 * libsqlite3-0-debuginfo-3.51.3-150000.3.39.1 * libsqlite3-0-3.51.3-150000.3.39.1 * sqlite3-debuginfo-3.51.3-150000.3.39.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * 
sqlite3-debugsource-3.51.3-150000.3.39.1 * sqlite3-tcl-3.51.3-150000.3.39.1 * libsqlite3-0-debuginfo-3.51.3-150000.3.39.1 * libsqlite3-0-3.51.3-150000.3.39.1 * sqlite3-debuginfo-3.51.3-150000.3.39.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * sqlite3-debugsource-3.51.3-150000.3.39.1 * sqlite3-tcl-3.51.3-150000.3.39.1 * libsqlite3-0-debuginfo-3.51.3-150000.3.39.1 * libsqlite3-0-3.51.3-150000.3.39.1 * sqlite3-debuginfo-3.51.3-150000.3.39.1 * sqlite3-tcl-debuginfo-3.51.3-150000.3.39.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * sqlite3-debugsource-3.51.3-150000.3.39.1 * sqlite3-tcl-3.51.3-150000.3.39.1 * libsqlite3-0-debuginfo-3.51.3-150000.3.39.1 * libsqlite3-0-3.51.3-150000.3.39.1 * sqlite3-debuginfo-3.51.3-150000.3.39.1 * sqlite3-tcl-debuginfo-3.51.3-150000.3.39.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * sqlite3-debugsource-3.51.3-150000.3.39.1 * sqlite3-tcl-3.51.3-150000.3.39.1 * libsqlite3-0-debuginfo-3.51.3-150000.3.39.1 * libsqlite3-0-3.51.3-150000.3.39.1 * sqlite3-debuginfo-3.51.3-150000.3.39.1 * sqlite3-tcl-debuginfo-3.51.3-150000.3.39.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * sqlite3-debugsource-3.51.3-150000.3.39.1 * sqlite3-3.51.3-150000.3.39.1 * sqlite3-tcl-3.51.3-150000.3.39.1 * libsqlite3-0-debuginfo-3.51.3-150000.3.39.1 * libsqlite3-0-3.51.3-150000.3.39.1 * sqlite3-debuginfo-3.51.3-150000.3.39.1 * sqlite3-tcl-debuginfo-3.51.3-150000.3.39.1 * sqlite3-devel-3.51.3-150000.3.39.1 * Basesystem Module 15-SP7 (x86_64) * libsqlite3-0-32bit-debuginfo-3.51.3-150000.3.39.1 * libsqlite3-0-32bit-3.51.3-150000.3.39.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * sqlite3-debuginfo-3.51.3-150000.3.39.1 * libsqlite3-0-debuginfo-3.51.3-150000.3.39.1 * libsqlite3-0-3.51.3-150000.3.39.1 * sqlite3-debugsource-3.51.3-150000.3.39.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * sqlite3-debuginfo-3.51.3-150000.3.39.1 * 
libsqlite3-0-debuginfo-3.51.3-150000.3.39.1 * libsqlite3-0-3.51.3-150000.3.39.1 * sqlite3-debugsource-3.51.3-150000.3.39.1 ## References: * https://www.suse.com/security/cve/CVE-2025-70873.html * https://www.suse.com/security/cve/CVE-2025-7709.html * https://bugzilla.suse.com/show_bug.cgi?id=1254670 * https://bugzilla.suse.com/show_bug.cgi?id=1259619 . SUSE sqlite3 Moderate Patch notification for integer overflow and memory issues, ensuring secure system integrity.. sqlite3 security update, SUSE patch, integer overflow risk, sqlite memory disclosure, SUSE Linux advisory. . LinuxSecurity.com Team
An update that solves two vulnerabilities can now be installed.. # Security update for sqlite3 Announcement ID: SUSE-SU-2026:20771-1 Release Date: 2026-03-23T09:50:28Z Rating: moderate References: * bsc#1254670 * bsc#1259619 Cross-References: * CVE-2025-70873 * CVE-2025-7709 CVSS scores: * CVE-2025-70873 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-70873 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N * CVE-2025-70873 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-7709 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:A/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-7709 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2025-7709 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:A/VC:N/VI:H/VA:L/SC:N/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Micro 6.1 An update that solves two vulnerabilities can now be installed. ## Description: This update for sqlite3 fixes the following issues: Update to sqlite3 3.51.3: * CVE-2025-7709: Integer Overflow in FTS5 Extension (bsc#1254670). * CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation (bsc#1259619). Changelog: Update to version 3.51.3: * Fix the WAL-reset database corruption bug: https://sqlite.org/wal.html#walresetbug * Other minor bug fixes. Update to version 3.51.2: * Fix an obscure deadlock in the new broken-posix-lock detection logic. * Fix multiple problems in the EXISTS-to-JOIN optimization. Update to version 3.51.1: * Fix incorrect results from nested EXISTS queries caused by the optimization in item 6b in the 3.51.0 release. 
* Fix a latent bug in fts5vocab virtual table, exposed by new optimizations in the 3.51.0 release Update to version 3.51.0: * New macros in sqlite3.h: \- SQLITE_SCM_BRANCH -> the name of the branch from which the source code is taken. \- SQLITE_SCM_TAGS -> space-separated list of tags on the source code check-in. \- SQLITE_SCM_DATETIME -> ISO-8601 date and time of the source * Two new JSON functions, jsonb_each() and jsonb_tree() work the same as the existing json_each() and json_tree() functions except that they return JSONB for the "value" column when the "type" is 'array' or 'object'. * The carray and percentile extensions are now built into the amalgamation, though they are disabled by default and must be activated at compile-time using the -DSQLITE_ENABLE_CARRAY and/or -DSQLITE_ENABLE_PERCENTILE options, respectively. * Enhancements to TCL Interface: \- Add the -asdict flag to the eval command to have it set the row data as a dict instead of an array. \- User-defined functions may now break to return an SQL NULL. * CLI enhancements: \- Increase the precision of ".timer" to microseconds. \- Enhance the "box" and "column" formatting modes to deal with double-wide characters. \- The ".imposter" command provides read-only imposter tables that work with VACUUM and do not require the --unsafe-testing option. \- Add the --ifexists option to the CLI command-line option and to the .open command. \- Limit columns widths set by the ".width" command to 30,000 or less, as there is not good reason to have wider columns, but supporting wider columns provides opportunity to malefactors. * Performance enhancements: \- Use fewer CPU cycles to commit a read transaction. \- Early detection of joins that return no rows due to one or more of the tables containing no rows. \- Avoid evaluation of scalar subqueries if the result of the subquery does not change the result of the overall expression. 
\- Faster window function queries when using "BETWEEN :x FOLLOWING AND :y FOLLOWING" with a large :y. * Add the PRAGMA wal_checkpoint=NOOP; command and the SQLITE_CHECKPOINT_NOOP argument for sqlite3_wal_checkpoint_v2(). * Add the sqlite3_set_errmsg() API for use by extensions. * Add the sqlite3_db_status64() API, which works just like the existing sqlite3_db_status() API except that it returns 64-bit results. * Add the SQLITE_DBSTATUS_TEMPBUF_SPILL option to the sqlite3_db_status() and sqlite3_db_status64() interfaces. * In the session extension add the sqlite3changeset_apply_v3() interface. * For the built-in printf() and the format() SQL function, omit the leading '-' from negative floating point numbers if the '+' flag is omitted and the "#" flag is present and all displayed digits are '0'. Use '%#f' or similar to avoid outputs like '-0.00' and instead show just '0.00'. * Improved error messages generated by FTS5. * Enforce STRICT typing on computed columns. * Improved support for VxWorks * JavaScript/WASM now supports 64-bit WASM. The canonical builds continue to be 32-bit but creating one's own 64-bit build is now as simple as running "make". ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-455=1 ## Package List: * SUSE Linux Micro 6.1 (aarch64 ppc64le s390x x86_64) * libsqlite3-0-3.51.3-slfo.1.1_1.1 * sqlite3-debugsource-3.51.3-slfo.1.1_1.1 * libsqlite3-0-debuginfo-3.51.3-slfo.1.1_1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-70873.html * https://www.suse.com/security/cve/CVE-2025-7709.html * https://bugzilla.suse.com/show_bug.cgi?id=1254670 * https://bugzilla.suse.com/show_bug.cgi?id=1259619 . This update resolves two issues in sqlite3, including an integer overflow and memory disclosure risk.. 
SUSE Linux, sqlite3 update, security advisory, moderate severity, memory disclosure. . LinuxSecurity.com Team
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-13944 http://linux.oracle.com/errata/ELSA-2025-13944.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: openjpeg2-2.5.2-4.el10_0.1.x86_64.rpm openjpeg2-devel-2.5.2-4.el10_0.1.x86_64.rpm openjpeg2-tools-2.5.2-4.el10_0.1.x86_64.rpm aarch64: openjpeg2-2.5.2-4.el10_0.1.aarch64.rpm openjpeg2-devel-2.5.2-4.el10_0.1.aarch64.rpm openjpeg2-tools-2.5.2-4.el10_0.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/openjpeg2-2.5.2-4.el10_0.1.src.rpm Related CVEs: CVE-2025-54874 Description of changes: [2.5.2-4.1] - fix OpenJPEG OOB heap memory write (CVE-2025-54874) _______________________________________________ El-errata mailing list
An update that solves one vulnerability can now be installed.. # Security update for xz Announcement ID: SUSE-SU-2025:1137-1 Release Date: 2025-04-03T15:11:09Z Rating: important References: * bsc#1240414 Cross-References: * CVE-2025-31115 CVSS scores: * CVE-2025-31115 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-31115 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for xz fixes the following issues: * CVE-2025-31115: Fixed heap use after free and writing to an address based on the null pointer plus an offset (bsc#1240414) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1137=1 openSUSE-SLE-15.6-2025-1137=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1137=1 ## Package List: * openSUSE Leap 15.6 (x86_64) * xz-devel-32bit-5.4.1-150600.3.3.1 * liblzma5-32bit-5.4.1-150600.3.3.1 * liblzma5-32bit-debuginfo-5.4.1-150600.3.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * xz-static-devel-5.4.1-150600.3.3.1 * xz-devel-5.4.1-150600.3.3.1 * xz-debugsource-5.4.1-150600.3.3.1 * xz-debuginfo-5.4.1-150600.3.3.1 * liblzma5-debuginfo-5.4.1-150600.3.3.1 * xz-5.4.1-150600.3.3.1 * liblzma5-5.4.1-150600.3.3.1 * openSUSE Leap 15.6 (noarch) * xz-lang-5.4.1-150600.3.3.1 * openSUSE Leap 15.6 (aarch64_ilp32) * liblzma5-64bit-debuginfo-5.4.1-150600.3.3.1 * xz-devel-64bit-5.4.1-150600.3.3.1 * liblzma5-64bit-5.4.1-150600.3.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * xz-static-devel-5.4.1-150600.3.3.1 * xz-devel-5.4.1-150600.3.3.1 * xz-debugsource-5.4.1-150600.3.3.1 * xz-debuginfo-5.4.1-150600.3.3.1 * liblzma5-debuginfo-5.4.1-150600.3.3.1 * xz-5.4.1-150600.3.3.1 * liblzma5-5.4.1-150600.3.3.1 * Basesystem Module 15-SP6 (noarch) * xz-lang-5.4.1-150600.3.3.1 * Basesystem Module 15-SP6 (x86_64) * liblzma5-32bit-5.4.1-150600.3.3.1 * liblzma5-32bit-debuginfo-5.4.1-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-31115.html * https://bugzilla.suse.com/show_bug.cgi?id=1240414 . Critical notice for xz addresses a memory corruption issue in openSUSE, enhancing overall security measures. Implement the fix now.. openSUSE updates,xz security,software patches,Linux security fixes,heap corruption issues. . Severity: Important. LinuxSecurity.com Team
SECURITY: CVE-2022-23943: mod_sed: Read/write beyond bounds. Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. Credits: Ronald Crane (Zippenhop LLC) . MGASA-2022-0105 - Updated apache packages fix security vulnerability Publication date: 21 Mar 2022 URL: https://advisories.mageia.org/MGASA-2022-0105.html Type: security Affected Mageia releases: 8 CVE: CVE-2022-23943, CVE-2022-22721, CVE-2022-22720, CVE-2022-22719 SECURITY: CVE-2022-23943: mod_sed: Read/write beyond bounds. Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. Credits: Ronald Crane (Zippenhop LLC) SECURITY: CVE-2022-22721: core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. Credits: Anonymous working with Trend Micro Zero Day Initiative SECURITY: CVE-2022-22720: HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling Credits: James Kettle SECURITY: CVE-2022-22719: mod_lua Use of uninitialized value of in r:parsebody A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. 
Credits: Chamal De Silva References: - https://bugs.mageia.org/show_bug.cgi?id=30170 - https://downloads.apache.org/httpd/Announcement2.4.html - https://httpd.apache.org/security/vulnerabilities_24.html - https://www.cve.org/CVERecord?id=CVE-2022-23943 - https://www.cve.org/CVERecord?id=CVE-2022-22721 - https://www.cve.org/CVERecord?id=CVE-2022-22720 - https://www.cve.org/CVERecord?id=CVE-2022-22719 SRPMS: - 8/core/apache-2.4.53-1.mga8 . Enhanced Apache components tackle severe out-of-bounds vulnerability, mitigating various security risks in Mageia 8.. apache Security Update, mageia Advisory, mod_sed Exploit, buffer Overflow Risk, security Threats. . LinuxSecurity.com Team
An update that fixes three vulnerabilities is now available.. openSUSE Security Update: Security update for xorg-x11-server ______________________________________________________________________________ Announcement ID: openSUSE-SU-2020:1302-1 Rating: important References: #1174633 #1174635 #1174638 Cross-References: CVE-2020-14345 CVE-2020-14346 CVE-2020-14347 Affected Products: openSUSE Leap 15.2 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for xorg-x11-server fixes the following issues: - CVE-2020-14347: Leak of uninitialized heap memory from the X server to clients on pixmap allocation (bsc#1174633, ZDI-CAN-11426). - CVE-2020-14346: XIChangeHierarchy Integer Underflow Privilege Escalation Vulnerability (bsc#1174638, ZDI-CAN-11429). - CVE-2020-14345: XKB out-of-bounds access privilege escalation vulnerability (bsc#1174635, ZDI-CAN-11428). This update was imported from the SUSE:SLE-15-SP2:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2020-1302=1 Package List: - openSUSE Leap 15.2 (i586 x86_64): xorg-x11-server-1.20.3-lp152.8.3.1 xorg-x11-server-debuginfo-1.20.3-lp152.8.3.1 xorg-x11-server-debugsource-1.20.3-lp152.8.3.1 xorg-x11-server-extra-1.20.3-lp152.8.3.1 xorg-x11-server-extra-debuginfo-1.20.3-lp152.8.3.1 xorg-x11-server-sdk-1.20.3-lp152.8.3.1 xorg-x11-server-source-1.20.3-lp152.8.3.1 xorg-x11-server-wayland-1.20.3-lp152.8.3.1 xorg-x11-server-wayland-debuginfo-1.20.3-lp152.8.3.1 References: https://www.suse.com/security/cve/CVE-2020-14345.html https://www.suse.com/security/cve/CVE-2020-14346.html https://www.suse.com/security/cve/CVE-2020-14347.html https://bugzilla.suse.com/1174633 https://bugzilla.suse.com/1174635 https://bugzilla.suse.com/1174638 -- . Important patch for openSUSE xorg-x11-server addresses several vulnerabilities related to privilege escalation and enhances overall security.. openSUSE Security Update,xorg-x11-server,security fixes,linux security. . Severity: Important. LinuxSecurity.com Team