Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 524
Alerts This Week
Warning Icon 1 524

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 341 articles for you...
203

Mageia 9 Advisory 2026-0046 Opencpn Plugin Security Update

Security update. Publication date: 13 Jul 2026 URL: https://advisories.mageia.org/MGAA-2026-0046.html Type: bugfix Affected Mageia releases: 9 Description: These updates couldn't be provided sooner (QA was overwhelmed by Security updates). Since they are necessary for Sailors' safety they can't wait for an upgrade to Mageia 10. References: - https://bugs.mageia.org/show_bug.cgi?id=35828 SRPMS: - 9/core/opencpn-climatology-plugin-1.6.36.1-1.git20260510.mga9 - 9/core/opencpn-dashboardsk-plugin-0.3.5-1.mga9 - 9/core/opencpn-iacfleet-plugin-0.33.1-1.mga9 - 9/core/opencpn-meteovache-plugin-1.6.8-1.1.mga9 - 9/core/opencpn-polar-plugin-1.2.38.0-1.mga9 - 9/core/opencpn-radar-plugin-5.7.0-1.mga9 - 9/core/opencpn-sar-plugin-4.4.0-1.mga9 - 9/core/opencpn-watchdog-plugin-2.5.4.0-1.mga9 - 9/core/opencpn-weatherfax-plugin-1.10.18.0-1.mga9 . Critical security updates in Mageia for multiple opencpn plugins ensure sailors' safety before upgrading to Mageia 10.. Mageia updates, security patches, bugfix release. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 Critical Mageia
89

Fedora 44 Composer High Package Validation Path Traversal 2026-22ba02bee3

Version 2.10.2 - 2026-07-01 Security: Validate package names (GHSA-499r-g7pc-vmp9) Security: Validate package bin paths against path traversal (GHSA-gjfg-22fp- rrxx) Security: Sanitize URL-embedded usernames/token in verbose output. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-22ba02bee3 2026-07-11 01:06:30.201230+00:00 -------------------------------------------------------------------------------- Name : composer Product : Fedora 44 Version : 2.10.2 Release : 1.fc44 URL : https://getcomposer.org/ Summary : Dependency Manager for PHP Description : Composer helps you declare, manage and install dependencies of PHP projects, ensuring you have the right stack everywhere. Documentation: https://getcomposer.org/doc/ -------------------------------------------------------------------------------- Update Information: Version 2.10.2 - 2026-07-01 Security: Validate package names (GHSA-499r-g7pc-vmp9) Security: Validate package bin paths against path traversal (GHSA-gjfg-22fp- rrxx) Security: Sanitize URL-embedded usernames/token in verbose output (GHSA-g6xq-892h-64w3) Security: Only follow HTTP redirects from HTTP responses (#12948) Security: Prevent phar metadata unserialization on unsafe PHP versions (#12946) Security: Sanitize JSON parse errors in http responses to avoid leaking response body data (#12959) Added warning output in self-update command when using a soon-to-be EOL version (#12920) Added download retry when a GitHub codeload URL returns a 400 (#12962) Fixed audit command to output the audit result to stdout (#12904) Fixed backspace characters being output to non-decorated output (#12925) Fixed security advisory blocking causing issues with xdebug enabled (#12935) Fixed provider packages hiding suggestions for the package they provide themselves (#12933) Fixed security advisory blocking causing issues with xdebug enabled(#12935) -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 1 2026 Remi Collet - 2.10.2-1 - update to 2.10.2 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-22ba02bee3' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Composer 2.10.2 security update addresses critical package validation and path traversal issues on Fedora.. Dependency Management, Package Validation, PHP Security, Fedora Updates. . Severity: high. LinuxSecurity.com Team

Calendar%202 Jul 10, 2026 high Fedora
89

Fedora rust-quick-xml Important Security Update 2026-b25dca4806

Update quick-xml for two security advisories, rebuild dependents, and update sandogasa to the latest https://rustsec.org/advisories/RUSTSEC-2026-0194.html https://rustsec.org/advisories/RUSTSEC-2026-0195.html sandogasa. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-b25dca4806 2026-07-06 14:53:30.168848+00:00 -------------------------------------------------------------------------------- Name : rust-quick-xml Product : Fedora 44 Version : 0.41.0 Release : 1.fc44 URL : https://crates.io/crates/quick-xml Summary : High performance xml reader and writer Description : High performance xml reader and writer. -------------------------------------------------------------------------------- Update Information: Update quick-xml for two security advisories, rebuild dependents, and update sandogasa to the latest https://rustsec.org/advisories/RUSTSEC-2026-0194.html https://rustsec.org/advisories/RUSTSEC-2026-0195.html sandogasa v0.15.3 ebranch base-distro guard — resolve/file-requests now know EPEL must not replace RHEL/CentOS Stream packages: deps present in the base at a too-old version are blocked with clear options (alternate package via --override, or lower the requirement) instead of becoming CANTFIX branch requests; file-requests re-checks the base before filing New sandogasa-sourcehut crate — sr.ht GraphQL client; sandogasa-report gains a Sourcehut section (patches, tickets, commits split yours vs third-party, git_emails attribution) ebranch check-crate — human report on stderr alongside --koji/--copr machine output, so build scripts stay pipeable dbranch rebuild — creates debian/gbp.conf when the Debian branch has none and handles the modern single-line salsa-ci.yml Robustness: 120s HTTP timeout on every client; --version on every tool; quick-xml bumped to 0.41 for RUSTSEC-2026-0194/-0195 sandogasa-report: consistent commit detail levels across forges Fulldetails: https://github.com/slopfest/sandogasa/blob/v0.15.3/CHANGELOG.md#v0153 v0.15.2 New sandogasa-review crate — shared keep/explain/remove resolution for reviewer-curated findings; adopted by fedora-review-digest, ebranch check-update, and fedora-cve-triage New sandogasa-forgejo crate — Forgejo/Gitea REST API client (PR activity issue filing); powers sandogasa-report's Forgejo accounting ebranch check-update overhaul — condensed output (counts + version grouping), reviewer curation of blocking findings before karma, branch inference for Fedora side tags (EPEL still needs -b al9 -r @epel), plus fixes for stale-side-tag and rich-dep installability false positives and large-update performance fedora-cve-triage — per-bug keep/explain/remove review before closing detected false positives sandogasa-report — Forgejo PR-merge and issue accounting Full details: https://github.com/slopfest/sandogasa/blob/v0.15.2/CHANGELOG.md#v0152 -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 3 2026 Michel Lind - 0.41.0-1 - Update to version 0.41.0; Resolves RHBZ#2494601 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2494601 - rust-quick-xml-0.41.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2494601 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-b25dca4806' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Update quick-xml in Fedora 44 to address high-severity security issues andimprove dependent packages.. Fedora advisory, rust-quick-xml update, security update, security advisories, software dependencies. . Severity: high. LinuxSecurity.com Team

Calendar%202 Jul 06, 2026 high Fedora
89

Fedora 43 python-jupyter-server High Remote Code Exec CVE-2026-44727

New version fixing high-severity CVE.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-275d2ecbbd 2026-07-05 00:49:16.510800+00:00 -------------------------------------------------------------------------------- Name : python-jupyter-server Product : Fedora 43 Version : 2.20.0 Release : 1.fc43 URL : https://jupyter-server.readthedocs.io Summary : The backend for Jupyter web applications Description : The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. -------------------------------------------------------------------------------- Update Information: New version fixing high-severity CVE. -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 19 2026 Lumir Balhar - 2.20.0-1 - Update to 2.20.0 (rhbz#2489836) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2491991 - CVE-2026-44727 python-jupyter-server: Jupyter Server: Remote Code Execution via stored Cross-Site Scripting in nbconvert handlers [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2491991 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-275d2ecbbd' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Update for Fedora 43 addresses high-severity remote code execution issue in python-jupyter-server. Critical fixes and guidance provided.. Fedora 43 Update, Python Jupyter Server, Remote Code Execution, Security Advisory, High Severity CVE. . Severity: high. LinuxSecurity.com Team

Calendar%202 Jul 04, 2026 high Fedora
172

Ubuntu 26.04 High Containerd Denial of Service Issues USN-8472-1

Several security issues were fixed in containerd.. ========================================================================== Ubuntu Security Notice USN-8472-1 June 25, 2026 containerd-app vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Several security issues were fixed in containerd. Software Description: - containerd-app: open and reliable container runtime Details: It was discovered that containerd incorrectly handled HTTP/2 SETTINGS frames. A remote attacker could possibly use this issue to cause containerd to enter an infinite loop, resulting in a denial of service. (CVE-2026-33814) Jakub Ciolek and Kyle Elliott discovered that containerd incorrectly handled group parsing when creating containers from images. An attacker could possibly use this issue to cause containerd to consume excessive memory, resulting in a denial of service. (CVE-2026-47262) Henry Beberman and Robert Prast discovered that containerd incorrectly validated image references when importing container checkpoints. An attacker could possibly use this issue to poison the local image cache and execute arbitrary code in other pods. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 25.10 and Ubuntu 26.04 LTS. (CVE-2026-50195) Robert Prast discovered that containerd incorrectly propagated labels from image configurations to containers. An attacker could possibly use this issue to execute arbitrary code on the host. (CVE-2026-53488) Yuming Zhang, Song Li, Sangwon Ryu, Henry Beberman, Robert Prast, Kyle Elliott and Zhenchen Wang discovered that containerd incorrectly validated symlinked paths when restoring container checkpoints. An attacker could possibly use this issue to read arbitrary files on the host, resulting in information disclosure. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS,Ubuntu 25.10 and Ubuntu 26.04 LTS. (CVE-2026-53489) Robert Prast discovered that containerd incorrectly trusted device interface annotations when restoring container checkpoints. An attacker could possibly use this issue to bypass resource allocation restrictions and inject devices or host mounts into a container. This issue only affected Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 25.10 and Ubuntu 26.04 LTS. (CVE-2026-53492) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS containerd 2.2.2-0ubuntu1.1 Ubuntu 25.10 containerd 2.2.1-0ubuntu1~25.10.2 Ubuntu 24.04 LTS containerd 2.2.1-0ubuntu1~24.04.3 Ubuntu 22.04 LTS containerd 2.2.1-0ubuntu1~22.04.2 Ubuntu 20.04 LTS containerd 1.7.24-0ubuntu1~20.04.2+esm2 Available with Ubuntu Pro After a standard system update you need to restart containerd to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8472-1 CVE-2026-33814, CVE-2026-47262, CVE-2026-50195, CVE-2026-53488, CVE-2026-53489, CVE-2026-53492 Package Information: https://launchpad.net/ubuntu/+source/containerd-app/2.2.2-0ubuntu1.1 https://launchpad.net/ubuntu/+source/containerd-app/2.2.1-0ubuntu1~25.10.2 https://launchpad.net/ubuntu/+source/containerd-app/2.2.1-0ubuntu1~24.04.3 https://launchpad.net/ubuntu/+source/containerd-app/2.2.1-0ubuntu1~22.04.2 . Multiple security concerns fixed in containerd affecting Ubuntu LTS versions. Immediate updates are essential!. Ubuntu security issues, containerd update, denial of service, memory exhaustion. . Severity: high. LinuxSecurity.com Team

Calendar%202 Jun 25, 2026 high Ubuntu
172

Ubuntu 22.04 Lowlatency High Socket Buffer Escalation USN-8388-2

Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-8388-2 June 22, 2026 linux-intel-iotg-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-lowlatency: Linux low latency kernel - linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms - linux-lowlatency-hwe-5.15: Linux low latency kernel Details: It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-43284, CVE-2026-43500) It was discovered that a logic flaw existed in the XFRM ESP-in-TCP subsystem in the Linux kernel when handling socket buffer fragments. This flaw is known as Fragnesia. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-43503, CVE-2026-46300) Qualys discovered that a race condition existed in the ptrace subsystem of the Linux kernel when privileged processes are exiting. An unprivileged local attacker could use this issue to expose sensitive information. (CVE-2026-46333) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RDS protocol; (CVE-2026-43494) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS linux-image-5.15.0-181-lowlatency 5.15.0-181.191 linux-image-5.15.0-181-lowlatency-64k 5.15.0-181.191 linux-image-lowlatency 5.15.0.181.152 linux-image-lowlatency-5.15 5.15.0.181.152 linux-image-lowlatency-64k 5.15.0.181.152 linux-image-lowlatency-64k-5.15 5.15.0.181.152 Ubuntu 20.04 LTS linux-image-5.15.0-1104-intel-iotg 5.15.0-1104.110~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-181-lowlatency 5.15.0-181.191~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-181-lowlatency-64k 5.15.0-181.191~20.04.1 Available with Ubuntu Pro linux-image-intel 5.15.0.1104.110~20.04.1 Available with Ubuntu Pro linux-image-intel-iotg 5.15.0.1104.110~20.04.1 Available with Ubuntu Pro linux-image-intel-iotg-5.15 5.15.0.1104.110~20.04.1 Available with Ubuntu Pro linux-image-lowlatency-5.15 5.15.0.181.191~20.04.1 Available with Ubuntu Pro linux-image-lowlatency-64k-5.15 5.15.0.181.191~20.04.1 Available with Ubuntu Pro linux-image-lowlatency-64k-hwe-20.04 5.15.0.181.191~20.04.1 Available with Ubuntu Pro linux-image-lowlatency-hwe-20.04 5.15.0.181.191~20.04.1 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-8388-2 https://ubuntu.com/security/notices/USN-8388-1 CVE-2026-43284, CVE-2026-43494, CVE-2026-43500, CVE-2026-43503, CVE-2026-46300, CVE-2026-46333 Package Information: https://launchpad.net/ubuntu/+source/linux-lowlatency/5.15.0-181.191 . Explore the security essentials of Ubuntu's new kernel update addressing privilege escalation issues with critical patches.. Ubuntu Kernel Update Escalation Socket Buffer. . Severity: high. LinuxSecurity.com Team

Calendar%202 Jun 22, 2026 high Ubuntu
89

Fedora 44 perl-GD Critical Command Injection Threat CVE-2026-11526

This update fixes a command injection issue resulting from the use of the 2-argument form of open (CVE-2026-11526).. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-263adf0222 2026-06-19 00:59:07.048628+00:00 -------------------------------------------------------------------------------- Name : perl-GD Product : Fedora 44 Version : 2.86 Release : 1.fc44 URL : https://metacpan.org/release/GD Summary : Perl interface to the GD graphics library Description : This is a auto-loadable interface module for GD, a popular library for creating and manipulating PNG files. With this library you can create PNG images on the fly or modify existing files. -------------------------------------------------------------------------------- Update Information: This update fixes a command injection issue resulting from the use of the 2-argument form of open (CVE-2026-11526). -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 9 2026 Paul Howarth - 2.86-1 - Update to 2.86 - Fix command injection via 2-arg open() in _make_filehandle (CVE-2026-11526) * Tue Jun 2 2026 Paul Howarth - 2.85-1 - Update to 2.85 - Tolerate runtime TIFF decode failures in autodetect (GH#62) - Replace cpm with cpanm in github actions - Fixed a minor precedence bug in t/z_manifest.t -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-263adf0222' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . A critical update for Fedora 44 addressing a command injection flaw in perl-GD, identified as CVE-2026-11526, requiring immediate action.. perl-GD command injection security fix Fedora update. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 18, 2026 Critical Fedora
197

Debian Nginx Critical RCE Denial Of Service Vuln DLA-4634-1 CVE-2026-9256

A vulnerability was discoverd in Nginx, a high-performance web and reverse proxy server, which could result in remote code execution and denial of service. For Debian 11 bullseye, this problem has been fixed in version 1.18.0-6.1+deb11u7.. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4634-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Carlos Henrique Lima Melara June 17, 2026 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : nginx Version : 1.18.0-6.1+deb11u7 CVE ID : CVE-2026-9256 Debian Bug : 1137339 A vulnerability was discoverd in Nginx, a high-performance web and reverse proxy server, which could result in remote code execution and denial of service. For Debian 11 bullseye, this problem has been fixed in version 1.18.0-6.1+deb11u7. We recommend that you upgrade your nginx packages. For the detailed security status of nginx please refer to its security tracker page at: https://security-tracker.debian.org/tracker/nginx Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Nginx security update addresses critical risks including remote code execution and DoS for Debian 11 bullseye. Upgrade recommended.. nginx security update, remote code execution, Debian 11 bullseye, denial of service fix, Linux security patches. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 17, 2026 Critical Debian LTS
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200