Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 1 articles for you...
203
security advisorysecurity issueimportantMageia perl-Imager Important Heap OOB Write Security Fix MGASA-2026-0154
MGASA-2026-0154 - Updated perl-Imager packages fix security vulnerabilities. MGASA-2026-0154 - Updated perl-Imager packages fix security vulnerabilities Publication date: 26 May 2026 URL: https://advisories.mageia.org/MGASA-2026-0154.html Type: security Affected Mageia releases: 9 CVE: CVE-2026-8669 Description: Imager versions through 1.030 for Perl allow a heap out of bounds (OOB) write on crafted multi-frame GIF files. (CVE-2026-8669) References: - https://bugs.mageia.org/show_bug.cgi?id=35541 - https://www.openwall.com/lists/oss-security/2026/05/15/17 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8669 SRPMS: - 9/core/perl-Imager-1.19.0-2.1.mga9 . Mageia updated perl-Imager packages address critical vulnerabilities involving OOB writes in crafted GIF files.. Mageia Security, Perl Imager Update, Heap Overflow Fix, Security Advisory MGASA-2026-0154. . Severity: Important. LinuxSecurity.com Team
May 26, 2026
•Important
Mageia
202
security advisoryimportantnginxopenSUSE Leap 15.2: nginx Important CVE-2021-23017 Off-by-One Heap Write
An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for nginx =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F= =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F= =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F= =5F=5F=5F Announcement ID: openSUSE-SU-2021:0835-1 Rating: important References: #1186126 Cross-References: CVE-2021-23017 CVSS scores: CVE-2021-23017 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N= /S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.2 =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F= =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F= =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F= =5F=5F=5F An update that fixes one vulnerability is now available. Description: This update for nginx fixes the following issues: - CVE-2021-23017: nginx DNS resolver off-by-one heap write (bsc#1186126) This update was imported from the SUSE:SLE-15-SP1:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended instal= lation methods like YaST online=5Fupdate or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2021-835=3D1 Package List: - openSUSE Leap 15.2 (i586 x86=5F64): nginx-1.16.1-lp152.2.3.1 nginx-debuginfo-1.16.1-lp152.2.3.1 nginx-debugsource-1.16.1-lp152.2.3.1 - openSUSE Leap 15.2 (noarch): nginx-source-1.16.1-lp152.2.3.1 vim-plugin-nginx-1.16.1-lp152.2.3.1 References: https://www.suse.com/security/cve/CVE-2021-23017.html https://bugzilla.suse.com/1186126 . Critical patch released for nginx in openSUSE addresses CVE-2021-23017, which poses a significant risk. Urgent measures advised.. nginx security,openSUSE update, heap write issue, important patch, CVE-2021-23017. . Severity: Important. LinuxSecurity.com Team
Sep 26, 2025
•Important
OpenSUSE
202
security advisoryhigh severitythreat mitigationopenSUSE Leap 15.2: 2021:0835-1 Important: nginx Heap Write
An update that fixes one vulnerability is now available. . openSUSE Security Update: Security update for nginx ______________________________________________________________________________ Announcement ID: openSUSE-SU-2021:0835-1 Rating: important References: #1186126 Cross-References: CVE-2021-23017 CVSS scores: CVE-2021-23017 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for nginx fixes the following issues: - CVE-2021-23017: nginx DNS resolver off-by-one heap write (bsc#1186126) This update was imported from the SUSE:SLE-15-SP1:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2021-835=1 Package List: - openSUSE Leap 15.2 (i586 x86_64): nginx-1.16.1-lp152.2.3.1 nginx-debuginfo-1.16.1-lp152.2.3.1 nginx-debugsource-1.16.1-lp152.2.3.1 - openSUSE Leap 15.2 (noarch): nginx-source-1.16.1-lp152.2.3.1 vim-plugin-nginx-1.16.1-lp152.2.3.1 References: https://www.suse.com/security/cve/CVE-2021-23017.html https://bugzilla.suse.com/1186126 . Mandatory update for openSUSE addressing security vulnerability in nginx linked to CVE-2021-23017, accompanied by vital patch instructions for implementation.. openSUSE Security, nginx Update, high-risk Patch. . Severity: Important. LinuxSecurity.com Team
Jun 03, 2021
•Important
OpenSUSE
100
security advisorycriticalpatchSUSE: 2021:1839-1 Critical: Nginx DNS Heap Write Security Update
An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for nginx ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:1839-1 Rating: important References: #1186126 Cross-References: CVE-2021-23017 CVSS scores: CVE-2021-23017 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: SUSE Manager Server 4.0 SUSE Manager Retail Branch Server 4.0 SUSE Manager Proxy 4.0 SUSE Linux Enterprise Server for SAP 15-SP1 SUSE Linux Enterprise Server 15-SP1-LTSS SUSE Linux Enterprise Server 15-SP1-BCL SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS SUSE Enterprise Storage 6 SUSE CaaS Platform 4.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for nginx fixes the following issues: - CVE-2021-23017: nginx DNS resolver off-by-one heap write (bsc#1186126) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Manager Server 4.0: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.0-2021-1839=1 - SUSE Manager Retail Branch Server 4.0: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.0-2021-1839=1 - SUSE Manager Proxy 4.0: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.0-2021-1839=1 - SUSE Linux Enterprise Server for SAP 15-SP1: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2021-1839=1 - SUSE Linux EnterpriseServer 15-SP1-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2021-1839=1 - SUSE Linux Enterprise Server 15-SP1-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2021-1839=1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2021-1839=1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2021-1839=1 - SUSE Enterprise Storage 6: zypper in -t patch SUSE-Storage-6-2021-1839=1 - SUSE CaaS Platform 4.0: To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. Package List: - SUSE Manager Server 4.0 (ppc64le s390x x86_64): nginx-1.16.1-6.13.1 nginx-debuginfo-1.16.1-6.13.1 nginx-debugsource-1.16.1-6.13.1 - SUSE Manager Server 4.0 (noarch): nginx-source-1.16.1-6.13.1 - SUSE Manager Retail Branch Server 4.0 (x86_64): nginx-1.16.1-6.13.1 nginx-debuginfo-1.16.1-6.13.1 nginx-debugsource-1.16.1-6.13.1 - SUSE Manager Retail Branch Server 4.0 (noarch): nginx-source-1.16.1-6.13.1 - SUSE Manager Proxy 4.0 (noarch): nginx-source-1.16.1-6.13.1 - SUSE Manager Proxy 4.0 (x86_64): nginx-1.16.1-6.13.1 nginx-debuginfo-1.16.1-6.13.1 nginx-debugsource-1.16.1-6.13.1 - SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64): nginx-1.16.1-6.13.1 nginx-debuginfo-1.16.1-6.13.1 nginx-debugsource-1.16.1-6.13.1 - SUSE Linux Enterprise Server for SAP 15-SP1 (noarch): nginx-source-1.16.1-6.13.1 - SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64): nginx-1.16.1-6.13.1 nginx-debuginfo-1.16.1-6.13.1 nginx-debugsource-1.16.1-6.13.1 - SUSE Linux Enterprise Server 15-SP1-LTSS (noarch): nginx-source-1.16.1-6.13.1 - SUSE Linux Enterprise Server 15-SP1-BCL (x86_64): nginx-1.16.1-6.13.1 nginx-debuginfo-1.16.1-6.13.1 nginx-debugsource-1.16.1-6.13.1 - SUSE Linux Enterprise Server 15-SP1-BCL (noarch): nginx-source-1.16.1-6.13.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64): nginx-1.16.1-6.13.1 nginx-debuginfo-1.16.1-6.13.1 nginx-debugsource-1.16.1-6.13.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch): nginx-source-1.16.1-6.13.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64): nginx-1.16.1-6.13.1 nginx-debuginfo-1.16.1-6.13.1 nginx-debugsource-1.16.1-6.13.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch): nginx-source-1.16.1-6.13.1 - SUSE Enterprise Storage 6 (aarch64 x86_64): nginx-1.16.1-6.13.1 nginx-debuginfo-1.16.1-6.13.1 nginx-debugsource-1.16.1-6.13.1 - SUSE Enterprise Storage 6 (noarch): nginx-source-1.16.1-6.13.1 - SUSE CaaS Platform 4.0 (noarch): nginx-source-1.16.1-6.13.1 - SUSE CaaS Platform 4.0 (x86_64): nginx-1.16.1-6.13.1 nginx-debuginfo-1.16.1-6.13.1 nginx-debugsource-1.16.1-6.13.1 References: https://www.suse.com/security/cve/CVE-2021-23017.html https://bugzilla.suse.com/1186126 . SUSE releases a crucial security patch for nginx tackling a severe heap overflow vulnerability. Learn more and apply the fix immediately.. SUSE Security Update,Nginx Patch,Heap Write Issue. . Severity: Important. LinuxSecurity.com Team
Jun 02, 2021
•Important
SuSE
100
security advisorysecurity issueimportantSUSE Linux: 2021:1814-1 Important Nginx Heap Write DoS Issue
An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for nginx ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:1814-1 Rating: important References: #1186126 Cross-References: CVE-2021-23017 CVSS scores: CVE-2021-23017 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: SUSE Linux Enterprise Module for Server Applications 15-SP2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for nginx fixes the following issues: - CVE-2021-23017: nginx DNS resolver off-by-one heap write (bsc#1186126) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Server Applications 15-SP2: zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP2-2021-1814=1 Package List: - SUSE Linux Enterprise Module for Server Applications 15-SP2 (aarch64 ppc64le s390x x86_64): nginx-1.16.1-3.3.1 nginx-debuginfo-1.16.1-3.3.1 nginx-debugsource-1.16.1-3.3.1 - SUSE Linux Enterprise Module for Server Applications 15-SP2 (noarch): nginx-source-1.16.1-3.3.1 References: https://www.suse.com/security/cve/CVE-2021-23017.html https://bugzilla.suse.com/1186126 . SUSE Security Update addresses severe nginx heap overflow issue identified in Advisory ID SUSE-SU-2021:1814-1. Take immediate action.. SUSE Linux, Nginx Update, Security Fix, Linux Vulnerability, IT Security. . Severity: Important. LinuxSecurity.com Team
May 31, 2021
•Important
SuSE
100
security advisoryupdateimportantSUSE: 2021:1815-1 Critical: Nginx Heap Write Risk Mitigation
An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for nginx ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:1815-1 Rating: important References: #1186126 Cross-References: CVE-2021-23017 CVSS scores: CVE-2021-23017 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: SUSE Linux Enterprise Module for Server Applications 15-SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for nginx fixes the following issues: - CVE-2021-23017: nginx DNS resolver off-by-one heap write (bsc#1186126) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Server Applications 15-SP3: zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2021-1815=1 Package List: - SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64): nginx-1.19.8-3.3.1 nginx-debuginfo-1.19.8-3.3.1 nginx-debugsource-1.19.8-3.3.1 - SUSE Linux Enterprise Module for Server Applications 15-SP3 (noarch): nginx-source-1.19.8-3.3.1 References: https://www.suse.com/security/cve/CVE-2021-23017.html https://bugzilla.suse.com/1186126 . SUSE Security Update: Critical nginx patch mitigation for CVE-2021-23017 available. Release SUSE-SU-2021:1815-1.. SUSE Linux, Nginx Patch, Security Update, Important Alert. . Severity: Important. LinuxSecurity.com Team
May 31, 2021
•Important
SuSE
100
security advisoryimportantSUSESUSE: 2021:1792-1 Critical Update on nginx Heap Write Vulnerability
An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for nginx ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:1792-1 Rating: important References: #1186126 Cross-References: CVE-2021-23017 CVSS scores: CVE-2021-23017 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: SUSE Linux Enterprise Server for SAP 15 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise High Performance Computing 15-ESPOS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for nginx fixes the following issues: - CVE-2021-23017: nginx DNS resolver off-by-one heap write (bsc#1186126) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 15: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2021-1792=1 - SUSE Linux Enterprise Server 15-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-2021-1792=1 - SUSE Linux Enterprise High Performance Computing 15-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-2021-1792=1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-2021-1792=1 Package List: - SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64): nginx-1.16.1-3.15.1 nginx-debuginfo-1.16.1-3.15.1 nginx-debugsource-1.16.1-3.15.1 - SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x): nginx-1.16.1-3.15.1 nginx-debuginfo-1.16.1-3.15.1 nginx-debugsource-1.16.1-3.15.1 - SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64): nginx-1.16.1-3.15.1 nginx-debuginfo-1.16.1-3.15.1 nginx-debugsource-1.16.1-3.15.1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64): nginx-1.16.1-3.15.1 nginx-debuginfo-1.16.1-3.15.1 nginx-debugsource-1.16.1-3.15.1 References: https://www.suse.com/security/cve/CVE-2021-23017.html https://bugzilla.suse.com/1186126 . SUSE Security Bulletin for nginx Released: Details on Impacted Versions and Update Guidelines Provided.. SUSE Linux Enterprise, nginx security update, patch instructions. . Severity: Important. LinuxSecurity.com Team
May 27, 2021
•Important
SuSE
89
security advisorycriticalFedoraFedora 28: 2018:7243f31304 Critical: NetworkManager Heap Write Issue
- ifcfg: fix crash parsing DNS entries (rh #1607866) - dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin (CVE-2018-15688). --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-7243f31304 2018-11-08 02:18:24.113973 --------------------------------------------------------------------------------Name : NetworkManager Product : Fedora 28 Version : 1.10.12 Release : 2.fc28 URL : https://wiki.gnome.org/Apps Summary : Network connection manager and user applications Description : NetworkManager is a system service that manages network interfaces and connections based on user or automatic configuration. It supports Ethernet, Bridge, Bond, VLAN, Team, InfiniBand, Wi-Fi, mobile broadband (WWAN), PPPoE and other devices, and supports a variety of different VPN services. --------------------------------------------------------------------------------Update Information: - ifcfg: fix crash parsing DNS entries (rh #1607866) - dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin (CVE-2018-15688) --------------------------------------------------------------------------------ChangeLog: * Mon Oct 29 2018 Thomas Haller - 1:1.10.12-2 - ifcfg: fix crash parsing DNS entries (rh #1607866) - dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin (CVE-2018-15688) * Tue Sep 18 2018 Thomas Haller - 1:1.10.12-1 - Update to 1.10.12 release * Sat Jun 16 2018 Thomas Haller - 1:1.10.10-1 - Update to 1.10.10 release * Sat Jun 16 2018 Thomas Haller - 1:1.10.8-2 - device: fix crash during reapply of connection settings * Fri May 11 2018 Beniamino Galvani - 1:1.10.8-1 - Update to 1.10.8 release * Sun May 6 2018 Beniamino Galvani - 1:1.10.6-3 - dhcp: better handle expiry and nacks (rh #1575370) * Tue Apr 17 2018 Beniamino Galvani - 1:1.10.6-2 - device: fix setting 'rp_filter' value (rh#1565529) --------------------------------------------------------------------------------References: [ 1 ] Bug #1639067 - CVE-2018-15688 systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling https://bugzilla.redhat.com/show_bug.cgi?id=1639067 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-7243f31304' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Nov 08, 2018
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!