Alerts This Week
Warning Icon 1 525
Alerts This Week
Warning Icon 1 525

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Calendar White Jun 02, 2026
Important
Oracle Large Esm H800
Oracle

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Calendar White Jun 02, 2026
moderate
Oracle Large Esm H900
Oracle

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Calendar White Jun 03, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Calendar White Jun 03, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -4 articles for you...
219
Ls Advisories Rockylinux Esm H240
Price Tag 1security advisorymoderatedenial of service

Ubuntu Core 24 mysql Strong DDoS Mitigation RLSB-2032-9530

Moderate: mariadb:10.11 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:6435", "synopsis": "Moderate: mariadb:10.11 security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for module.Judy, Judy.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. \n\nSecurity Fix(es):\n\n* mysql: High Privilege Denial of Service Vulnerability in MySQL Server (CVE-2025-21490)\n\n* mariadb: MariaDB Server Crash Due to Empty Backtrace Log (CVE-2023-52969)\n\n* mariadb: MariaDB Server Crash (CVE-2023-52971)\n\n* mariadb: MariaDB Server Crash via Item_direct_view_ref (CVE-2023-52970)\n\n* mysql: mysqldump unspecified vulnerability (CPU Apr 2025) (CVE-2025-30722)\n\n* mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-30693)\n\n* mysql: Optimizer unspecified vulnerability (CPU Jan 2026) (CVE-2026-21968)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2339221", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2339221", "description": ""}, {"ticket": "2350916", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2350916", "description": ""}, {"ticket": "2350917", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2350917", "description": ""}, {"ticket": "2350918", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2350918", "description": ""}, {"ticket": "2359885", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2359885", "description":""}, {"ticket": "2359963", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2359963", "description": ""}, {"ticket": "2431409", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2431409", "description": ""}], "cves": [{"name": "CVE-2023-52969", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52969", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "4.9", "cwe": "CWE-1038"}, {"name": "CVE-2023-52970", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52970", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "4.9", "cwe": "CWE-1038"}, {"name": "CVE-2023-52971", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-52971", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "4.9", "cwe": "CWE-1038"}, {"name": "CVE-2025-21490", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21490", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "4.9", "cwe": "CWE-404"}, {"name": "CVE-2025-30693", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30693", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H", "cvss3BaseScore": "5.5", "cwe": null}, {"name": "CVE-2025-30722", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30722", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", "cvss3BaseScore": "5.9", "cwe": null}, {"name": "CVE-2026-21968", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-21968", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "6.5", "cwe": null}], "references": [], "publishedAt": "2026-04-02T12:03:24.767871Z", "rpms": {"Rocky Linux8": {"nvras": ["Judy-0:1.0.5-18.module+el8.4.0+427+adf35707.x86_64.rpm", "Judy-0:1.0.5-18.module+el8.10.0+1674+fa55eae9.x86_64.rpm", "Judy-0:1.0.5-18.module+el8.4.0+431+26aaed18.x86_64.rpm", "Judy-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.x86_64.rpm", "Judy-0:1.0.5-18.module+el8.10.0+1925+356c22e8.x86_64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.10.0+1925+356c22e8.x86_64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.x86_64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.10.0+1674+fa55eae9.x86_64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.4.0+431+26aaed18.x86_64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.4.0+427+adf35707.x86_64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.10.0+1674+fa55eae9.x86_64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.10.0+1925+356c22e8.x86_64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.4.0+427+adf35707.x86_64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.x86_64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.4.0+431+26aaed18.x86_64.rpm", "Judy-0:1.0.5-18.module+el8.10.0+1674+fa55eae9.aarch64.rpm", "Judy-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.aarch64.rpm", "Judy-0:1.0.5-18.module+el8.4.0+431+26aaed18.aarch64.rpm", "Judy-0:1.0.5-18.module+el8.4.0+427+adf35707.aarch64.rpm", "Judy-0:1.0.5-18.module+el8.10.0+1925+356c22e8.aarch64.rpm", "Judy-0:1.0.5-18.module+el8.4.0+431+26aaed18.src.rpm", "Judy-0:1.0.5-18.module+el8.10.0+1925+356c22e8.src.rpm", "Judy-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.src.rpm", "Judy-0:1.0.5-18.module+el8.10.0+1674+fa55eae9.src.rpm", "Judy-0:1.0.5-18.module+el8.4.0+427+adf35707.src.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.10.0+1674+fa55eae9.aarch64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.10.0+1925+356c22e8.aarch64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.4.0+431+26aaed18.aarch64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.aarch64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.4.0+427+adf35707.aarch64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.4.0+431+26aaed18.aarch64.rpm","Judy-debugsource-0:1.0.5-18.module+el8.10.0+1674+fa55eae9.aarch64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.10.0+1925+356c22e8.aarch64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.aarch64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.4.0+427+adf35707.aarch64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Discover crucial updates for Rocky Linux on mariadb, addressing moderate security issues with detailed insights and recommendations.. Rocky Linux updates, mariadb security, Moose vulnerability, database server patching. . LinuxSecurity.com Team

Calendar 2 Apr 02, 2026 Rocky Linux
219
Ls Advisories Rockylinux Esm H240
Price Tag 1security advisorymoderatedenial of service

Rocky Linux 8 MariaDB Security Update RLSA-2026-8625 Moderate Risk Alert

Moderate: mariadb:10.11 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:6435", "synopsis": "Moderate: mariadb:10.11 security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for module.Judy, Judy.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. \n\nSecurity Fix(es):\n\n* mysql: High Privilege Denial of Service Vulnerability in MySQL Server (CVE-2025-21490)\n\n* mariadb: MariaDB Server Crash Due to Empty Backtrace Log (CVE-2023-52969)\n\n* mariadb: MariaDB Server Crash (CVE-2023-52971)\n\n* mariadb: MariaDB Server Crash via Item_direct_view_ref (CVE-2023-52970)\n\n* mysql: mysqldump unspecified vulnerability (CPU Apr 2025) (CVE-2025-30722)\n\n* mysql: InnoDB unspecified vulnerability (CPU Apr 2025) (CVE-2025-30693)\n\n* mysql: Optimizer unspecified vulnerability (CPU Jan 2026) (CVE-2026-21968)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2339221", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2339221", "description": ""}, {"ticket": "2350916", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2350916", "description": ""}, {"ticket": "2350917", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2350917", "description": ""}, {"ticket": "2350918", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2350918", "description": ""}, {"ticket": "2359885", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2359885", "description":""}, {"ticket": "2359963", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2359963", "description": ""}, {"ticket": "2431409", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2431409", "description": ""}], "cves": [{"name": "CVE-2023-52969", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2023-52969", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "4.9", "cwe": "CWE-1038"}, {"name": "CVE-2023-52970", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2023-52970", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "4.9", "cwe": "CWE-1038"}, {"name": "CVE-2023-52971", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2023-52971", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "4.9", "cwe": "CWE-1038"}, {"name": "CVE-2025-21490", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-21490", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "4.9", "cwe": "CWE-404"}, {"name": "CVE-2025-30693", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-30693", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H", "cvss3BaseScore": "5.5", "cwe": null}, {"name": "CVE-2025-30722", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-30722", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", "cvss3BaseScore": "5.9", "cwe": null}, {"name": "CVE-2026-21968", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2026-21968", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "6.5", "cwe": null}], "references": [], "publishedAt": "2026-04-02T12:03:24.767871Z", "rpms": {"Rocky Linux 8": {"nvras": ["Judy-0:1.0.5-18.module+el8.4.0+427+adf35707.x86_64.rpm","Judy-0:1.0.5-18.module+el8.10.0+1674+fa55eae9.x86_64.rpm", "Judy-0:1.0.5-18.module+el8.4.0+431+26aaed18.x86_64.rpm", "Judy-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.x86_64.rpm", "Judy-0:1.0.5-18.module+el8.10.0+1925+356c22e8.x86_64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.10.0+1925+356c22e8.x86_64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.x86_64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.10.0+1674+fa55eae9.x86_64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.4.0+431+26aaed18.x86_64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.4.0+427+adf35707.x86_64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.10.0+1674+fa55eae9.x86_64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.10.0+1925+356c22e8.x86_64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.4.0+427+adf35707.x86_64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.x86_64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.4.0+431+26aaed18.x86_64.rpm", "Judy-0:1.0.5-18.module+el8.10.0+1674+fa55eae9.aarch64.rpm", "Judy-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.aarch64.rpm", "Judy-0:1.0.5-18.module+el8.4.0+431+26aaed18.aarch64.rpm", "Judy-0:1.0.5-18.module+el8.4.0+427+adf35707.aarch64.rpm", "Judy-0:1.0.5-18.module+el8.10.0+1925+356c22e8.aarch64.rpm", "Judy-0:1.0.5-18.module+el8.4.0+431+26aaed18.src.rpm", "Judy-0:1.0.5-18.module+el8.10.0+1925+356c22e8.src.rpm", "Judy-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.src.rpm", "Judy-0:1.0.5-18.module+el8.10.0+1674+fa55eae9.src.rpm", "Judy-0:1.0.5-18.module+el8.4.0+427+adf35707.src.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.10.0+1674+fa55eae9.aarch64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.10.0+1925+356c22e8.aarch64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.4.0+431+26aaed18.aarch64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.aarch64.rpm", "Judy-debuginfo-0:1.0.5-18.module+el8.4.0+427+adf35707.aarch64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.4.0+431+26aaed18.aarch64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.10.0+1674+fa55eae9.aarch64.rpm","Judy-debugsource-0:1.0.5-18.module+el8.10.0+1925+356c22e8.aarch64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.10.0+40062+b4bfe4b1.aarch64.rpm", "Judy-debugsource-0:1.0.5-18.module+el8.4.0+427+adf35707.aarch64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. A moderate security advisory for Rocky Linux 8 includes important mariadb updates addressing several issues with low and moderate severities.. Rocky Linux 8, mariadb updates, security advisory, system vulnerabilities. . LinuxSecurity.com Team

Calendar 2 Apr 02, 2026 Rocky Linux
Banner 1 1028x280 1708121660 1771599717
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryimportantattack

SUSE: 2024:3785-1 important: pcp local privilege escalation and updates

* bsc#1217826 * bsc#1222815 * bsc#1230551 * bsc#1230552 * bsc#1231345 . # Security update for pcp Announcement ID: SUSE-SU-2024:3785-1 Release Date: 2024-10-30T07:56:18Z Rating: important References: * bsc#1217826 * bsc#1222815 * bsc#1230551 * bsc#1230552 * bsc#1231345 * jsc#PED-8192 * jsc#PED-8389 Cross-References: * CVE-2023-6917 * CVE-2024-45769 * CVE-2024-45770 CVSS scores: * CVE-2023-6917 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45769 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-45769 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45769 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45770 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2024-45770 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2024-45770 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities, contains two features and has two security fixes can now be installed. ## Description: This update for pcp fixes the following issues: pcp was updated from version 5.2.5 to version 6.2.0 (jsc#PED-8192, jsc#PED-8389): * Security issues fixed: * CVE-2024-45770: Fixed a symlink attack that allows escalating from the pcp to the root user (bsc#1230552) * CVE-2024-45769: Fixed a heap corruption through metric pmstore operations (bsc#1230551) * CVE-2023-6917: Fixed local privilege escalation from pcp user to root in /usr/libexec/pcp/lib/pmproxy (bsc#1217826) * Major changes: * Add version 3 PCP archive support:instance domain change-deltas, Y2038-safe timestamps, nanosecond-precision timestamps, arbitrary timezones support, 64-bit file offsets used throughout for larger (beyond 2GB) individual volumes * Opt-in using the /etc/pcp.conf PCP_ARCHIVE_VERSION setting * Version 2 archives remain the default (for next few years) * Switch to using OpenSSL only throughout PCP (dropped NSS/NSPR); this impacts on libpcp, PMAPI clients and PMCD use of encryption; these are now configured and used consistently with pmproxy HTTPS support and redis- server, which were both already using OpenSSL. * New nanosecond precision timestamp PMAPI calls for PCP library interfaces that make use of timestamps These are all optional, and full backward compatibility is preserved for existing tools. * For the full list of changes please consult the packaged CHANGELOG file * Other packaging changes: * Moved pmlogger_daily into the main package (bsc#1222815) * Change dependency from openssl-devel > = 1.1.1 to openssl-devel > = 1.0.2p. Required for SLE-12 * Introduce 'pmda-resctrl' package, disabled for architectures other than x86_64 * Change the architecture for various subpackages to 'noarch' as they contain no binaries * Disable 'pmda-mssql', as it fails to build ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3785=1 openSUSE-SLE-15.5-2024-3785=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-3785=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * pcp-pmda-gfs2-debuginfo-6.2.0-150500.8.6.1 * pcp-system-tools-debuginfo-6.2.0-150500.8.6.1 * libpcp-devel-6.2.0-150500.8.6.1 * libpcp_trace2-6.2.0-150500.8.6.1 *perl-PCP-LogImport-debuginfo-6.2.0-150500.8.6.1 * pcp-pmda-cisco-6.2.0-150500.8.6.1 * pcp-testsuite-6.2.0-150500.8.6.1 * libpcp_import1-6.2.0-150500.8.6.1 * pcp-pmda-bash-6.2.0-150500.8.6.1 * pcp-gui-debuginfo-6.2.0-150500.8.6.1 * python3-pcp-debuginfo-6.2.0-150500.8.6.1 * pcp-pmda-bind2-6.2.0-150500.8.6.1 * pcp-pmda-logger-debuginfo-6.2.0-150500.8.6.1 * pcp-pmda-shping-debuginfo-6.2.0-150500.8.6.1 * pcp-pmda-roomtemp-6.2.0-150500.8.6.1 * pcp-pmda-shping-6.2.0-150500.8.6.1 * pcp-pmda-gfs2-6.2.0-150500.8.6.1 * pcp-pmda-apache-debuginfo-6.2.0-150500.8.6.1 * pcp-devel-6.2.0-150500.8.6.1 * pcp-pmda-zimbra-6.2.0-150500.8.6.1 * pcp-testsuite-debuginfo-6.2.0-150500.8.6.1 * pcp-pmda-mailq-debuginfo-6.2.0-150500.8.6.1 * pcp-import-collectl2pcp-debuginfo-6.2.0-150500.8.6.1 * pcp-pmda-nvidia-gpu-6.2.0-150500.8.6.1 * pcp-pmda-docker-debuginfo-6.2.0-150500.8.6.1 * libpcp3-6.2.0-150500.8.6.1 * pcp-pmda-sendmail-debuginfo-6.2.0-150500.8.6.1 * perl-PCP-MMV-6.2.0-150500.8.6.1 * python3-pcp-6.2.0-150500.8.6.1 * pcp-pmda-smart-debuginfo-6.2.0-150500.8.6.1 * pcp-devel-debuginfo-6.2.0-150500.8.6.1 * libpcp_mmv1-debuginfo-6.2.0-150500.8.6.1 * libpcp_gui2-debuginfo-6.2.0-150500.8.6.1 * pcp-debugsource-6.2.0-150500.8.6.1 * pcp-pmda-zimbra-debuginfo-6.2.0-150500.8.6.1 * pcp-pmda-trace-debuginfo-6.2.0-150500.8.6.1 * pcp-pmda-cifs-6.2.0-150500.8.6.1 * perl-PCP-PMDA-6.2.0-150500.8.6.1 * perl-PCP-MMV-debuginfo-6.2.0-150500.8.6.1 * libpcp_import1-debuginfo-6.2.0-150500.8.6.1 * pcp-pmda-cifs-debuginfo-6.2.0-150500.8.6.1 * pcp-6.2.0-150500.8.6.1 * pcp-pmda-sockets-6.2.0-150500.8.6.1 * pcp-pmda-mounts-debuginfo-6.2.0-150500.8.6.1 * pcp-pmda-bash-debuginfo-6.2.0-150500.8.6.1 * pcp-pmda-dm-debuginfo-6.2.0-150500.8.6.1 * pcp-pmda-lustrecomm-6.2.0-150500.8.6.1 * pcp-pmda-weblog-6.2.0-150500.8.6.1 * pcp-gui-6.2.0-150500.8.6.1 * pcp-pmda-sendmail-6.2.0-150500.8.6.1 *pcp-pmda-docker-6.2.0-150500.8.6.1 * pcp-pmda-hacluster-6.2.0-150500.8.6.1 * libpcp_mmv1-6.2.0-150500.8.6.1 * pcp-pmda-cisco-debuginfo-6.2.0-150500.8.6.1 * libpcp_web1-6.2.0-150500.8.6.1 * pcp-pmda-smart-6.2.0-150500.8.6.1 * pcp-pmda-trace-6.2.0-150500.8.6.1 * libpcp3-debuginfo-6.2.0-150500.8.6.1 * pcp-pmda-nvidia-gpu-debuginfo-6.2.0-150500.8.6.1 * pcp-debuginfo-6.2.0-150500.8.6.1 * pcp-pmda-hacluster-debuginfo-6.2.0-150500.8.6.1 * libpcp_gui2-6.2.0-150500.8.6.1 * pcp-pmda-mounts-6.2.0-150500.8.6.1 * pcp-pmda-weblog-debuginfo-6.2.0-150500.8.6.1 * pcp-system-tools-6.2.0-150500.8.6.1 * perl-PCP-LogSummary-6.2.0-150500.8.6.1 * pcp-pmda-logger-6.2.0-150500.8.6.1 * pcp-pmda-lustrecomm-debuginfo-6.2.0-150500.8.6.1 * pcp-pmda-summary-6.2.0-150500.8.6.1 * perl-PCP-LogImport-6.2.0-150500.8.6.1 * pcp-import-collectl2pcp-6.2.0-150500.8.6.1 * pcp-pmda-roomtemp-debuginfo-6.2.0-150500.8.6.1 * pcp-pmda-systemd-6.2.0-150500.8.6.1 * pcp-pmda-systemd-debuginfo-6.2.0-150500.8.6.1 * libpcp_trace2-debuginfo-6.2.0-150500.8.6.1 * pcp-pmda-mailq-6.2.0-150500.8.6.1 * pcp-pmda-sockets-debuginfo-6.2.0-150500.8.6.1 * pcp-pmda-dm-6.2.0-150500.8.6.1 * pcp-pmda-summary-debuginfo-6.2.0-150500.8.6.1 * perl-PCP-PMDA-debuginfo-6.2.0-150500.8.6.1 * pcp-pmda-apache-6.2.0-150500.8.6.1 * libpcp_web1-debuginfo-6.2.0-150500.8.6.1 * openSUSE Leap 15.5 (noarch) * pcp-export-pcp2influxdb-6.2.0-150500.8.6.1 * pcp-pmda-netfilter-6.2.0-150500.8.6.1 * pcp-pmda-elasticsearch-6.2.0-150500.8.6.1 * pcp-pmda-netcheck-6.2.0-150500.8.6.1 * pcp-doc-6.2.0-150500.8.6.1 * pcp-pmda-mysql-6.2.0-150500.8.6.1 * pcp-pmda-bonding-6.2.0-150500.8.6.1 * pcp-pmda-openmetrics-6.2.0-150500.8.6.1 * pcp-pmda-ds389-6.2.0-150500.8.6.1 * pcp-pmda-rsyslog-6.2.0-150500.8.6.1 * pcp-import-ganglia2pcp-6.2.0-150500.8.6.1 * pcp-pmda-news-6.2.0-150500.8.6.1 * pcp-export-pcp2graphite-6.2.0-150500.8.6.1 *pcp-export-pcp2elasticsearch-6.2.0-150500.8.6.1 * pcp-import-mrtg2pcp-6.2.0-150500.8.6.1 * pcp-import-iostat2pcp-6.2.0-150500.8.6.1 * pcp-pmda-samba-6.2.0-150500.8.6.1 * pcp-export-pcp2zabbix-6.2.0-150500.8.6.1 * pcp-pmda-nfsclient-6.2.0-150500.8.6.1 * pcp-pmda-openvswitch-6.2.0-150500.8.6.1 * pcp-pmda-snmp-6.2.0-150500.8.6.1 * pcp-export-pcp2json-6.2.0-150500.8.6.1 * pcp-pmda-dbping-6.2.0-150500.8.6.1 * pcp-pmda-slurm-6.2.0-150500.8.6.1 * pcp-conf-6.2.0-150500.8.6.1 * pcp-pmda-mic-6.2.0-150500.8.6.1 * pcp-export-pcp2xml-6.2.0-150500.8.6.1 * pcp-pmda-haproxy-6.2.0-150500.8.6.1 * pcp-pmda-lmsensors-6.2.0-150500.8.6.1 * pcp-pmda-oracle-6.2.0-150500.8.6.1 * pcp-export-pcp2spark-6.2.0-150500.8.6.1 * pcp-pmda-nginx-6.2.0-150500.8.6.1 * pcp-pmda-gpfs-6.2.0-150500.8.6.1 * pcp-pmda-named-6.2.0-150500.8.6.1 * pcp-pmda-activemq-6.2.0-150500.8.6.1 * pcp-zeroconf-6.2.0-150500.8.6.1 * pcp-pmda-gluster-6.2.0-150500.8.6.1 * pcp-pmda-nutcracker-6.2.0-150500.8.6.1 * pcp-import-sar2pcp-6.2.0-150500.8.6.1 * pcp-pmda-lustre-6.2.0-150500.8.6.1 * pcp-pmda-zswap-6.2.0-150500.8.6.1 * pcp-pmda-postfix-6.2.0-150500.8.6.1 * pcp-pmda-redis-6.2.0-150500.8.6.1 * pcp-pmda-unbound-6.2.0-150500.8.6.1 * pcp-pmda-rabbitmq-6.2.0-150500.8.6.1 * pcp-pmda-gpsd-6.2.0-150500.8.6.1 * pcp-pmda-json-6.2.0-150500.8.6.1 * pcp-pmda-ds389log-6.2.0-150500.8.6.1 * pcp-pmda-memcache-6.2.0-150500.8.6.1 * pcp-pmda-pdns-6.2.0-150500.8.6.1 * openSUSE Leap 15.5 (aarch64 ppc64le x86_64 i586) * pcp-pmda-infiniband-6.2.0-150500.8.6.1 * pcp-pmda-infiniband-debuginfo-6.2.0-150500.8.6.1 * pcp-pmda-perfevent-6.2.0-150500.8.6.1 * pcp-pmda-perfevent-debuginfo-6.2.0-150500.8.6.1 * openSUSE Leap 15.5 (x86_64) * pcp-pmda-resctrl-debuginfo-6.2.0-150500.8.6.1 * pcp-pmda-resctrl-6.2.0-150500.8.6.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) *pcp-system-tools-debuginfo-6.2.0-150500.8.6.1 * libpcp-devel-6.2.0-150500.8.6.1 * libpcp_trace2-6.2.0-150500.8.6.1 * perl-PCP-LogImport-debuginfo-6.2.0-150500.8.6.1 * libpcp_import1-6.2.0-150500.8.6.1 * pcp-devel-6.2.0-150500.8.6.1 * perl-PCP-MMV-6.2.0-150500.8.6.1 * libpcp3-6.2.0-150500.8.6.1 * pcp-devel-debuginfo-6.2.0-150500.8.6.1 * libpcp_mmv1-debuginfo-6.2.0-150500.8.6.1 * libpcp_gui2-debuginfo-6.2.0-150500.8.6.1 * pcp-debugsource-6.2.0-150500.8.6.1 * perl-PCP-PMDA-6.2.0-150500.8.6.1 * perl-PCP-MMV-debuginfo-6.2.0-150500.8.6.1 * libpcp_import1-debuginfo-6.2.0-150500.8.6.1 * pcp-6.2.0-150500.8.6.1 * libpcp_mmv1-6.2.0-150500.8.6.1 * libpcp_web1-6.2.0-150500.8.6.1 * libpcp3-debuginfo-6.2.0-150500.8.6.1 * pcp-debuginfo-6.2.0-150500.8.6.1 * libpcp_gui2-6.2.0-150500.8.6.1 * perl-PCP-LogSummary-6.2.0-150500.8.6.1 * pcp-system-tools-6.2.0-150500.8.6.1 * perl-PCP-LogImport-6.2.0-150500.8.6.1 * libpcp_trace2-debuginfo-6.2.0-150500.8.6.1 * python3-pcp-debuginfo-6.2.0-150500.8.6.1 * perl-PCP-PMDA-debuginfo-6.2.0-150500.8.6.1 * python3-pcp-6.2.0-150500.8.6.1 * libpcp_web1-debuginfo-6.2.0-150500.8.6.1 * Development Tools Module 15-SP5 (noarch) * pcp-doc-6.2.0-150500.8.6.1 * pcp-conf-6.2.0-150500.8.6.1 * pcp-import-iostat2pcp-6.2.0-150500.8.6.1 * pcp-import-sar2pcp-6.2.0-150500.8.6.1 * pcp-import-mrtg2pcp-6.2.0-150500.8.6.1 * Development Tools Module 15-SP5 (ppc64le) * pcp-pmda-perfevent-debuginfo-6.2.0-150500.8.6.1 * pcp-pmda-perfevent-6.2.0-150500.8.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-6917.html * https://www.suse.com/security/cve/CVE-2024-45769.html * https://www.suse.com/security/cve/CVE-2024-45770.html * https://bugzilla.suse.com/show_bug.cgi?id=1217826 * https://bugzilla.suse.com/show_bug.cgi?id=1222815 * https://bugzilla.suse.com/show_bug.cgi?id=1230551 * https://bugzilla.suse.com/show_bug.cgi?id=1230552 *https://bugzilla.suse.com/show_bug.cgi?id=1231345 * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FPED-8192&page_caps=&user_role= * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=%2Fbrowse%2FPED-8389&page_caps=&user_role= . Security patches for pcp emphasize severe weaknesses in SUSE offerings, outlining essential remedies and categories of risks.. pcp security updates, SUSE security advisory, privilege escalation, pcp local exploit. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Oct 30, 2024 Important SuSE
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorysecurity updateexploit

openSUSE: 2019:2534-1 Important: Ghostscript High Privilege Exploit

An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for ghostscript ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:2534-1 Rating: important References: #1156275 Cross-References: CVE-2019-14869 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for ghostscript fixes the following issues: - CVE-2019-14869: Fixed a possible dSAFER escape which could have allowed an attacker to gain high privileges by a specially crafted Postscript code (bsc#1156275). This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-2534=1 Package List: - openSUSE Leap 15.0 (i586 x86_64): ghostscript-9.27-lp150.2.26.1 ghostscript-debuginfo-9.27-lp150.2.26.1 ghostscript-debugsource-9.27-lp150.2.26.1 ghostscript-devel-9.27-lp150.2.26.1 ghostscript-mini-9.27-lp150.2.26.1 ghostscript-mini-debuginfo-9.27-lp150.2.26.1 ghostscript-mini-debugsource-9.27-lp150.2.26.1 ghostscript-mini-devel-9.27-lp150.2.26.1 ghostscript-x11-9.27-lp150.2.26.1 ghostscript-x11-debuginfo-9.27-lp150.2.26.1 References: https://www.suse.com/security/cve/CVE-2019-14869.html https://bugzilla.suse.com/1156275 -- . A significant release for Ghostscript addresses a severe vulnerability that permits elevated access through specially designed Postscript scripts.. openSUSE Security Update, ghostscript exploit, important patch, security notification. . Severity:Important. LinuxSecurity.com Team

Calendar 2 Nov 20, 2019 Important OpenSUSE
Banner 1 1028x280 1708121660 1771599717
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryghostscriptSUSE

SUSE: 2019:2981-1 Important: Ghostscript High Privilege Risk

An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for ghostscript ______________________________________________________________________________ Announcement ID: SUSE-SU-2019:2981-1 Rating: important References: #1156275 Cross-References: CVE-2019-14869 Affected Products: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Basesystem 15-SP1 SUSE Linux Enterprise Module for Basesystem 15 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for ghostscript fixes the following issues: - CVE-2019-14869: Fixed a possible dSAFER escape which could have allowed an attacker to gain high privileges by a specially crafted Postscript code (bsc#1156275). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2981=1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2019-2981=1 - SUSE Linux Enterprise Module for Basesystem 15-SP1: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2019-2981=1 - SUSE Linux Enterprise Module for Basesystem 15: zypper in -t patch SUSE-SLE-Module-Basesystem-15-2019-2981=1 Package List: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (aarch64 ppc64le s390x x86_64): ghostscript-mini-9.27-3.24.1 ghostscript-mini-debuginfo-9.27-3.24.1 ghostscript-mini-debugsource-9.27-3.24.1 ghostscript-mini-devel-9.27-3.24.1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64): ghostscript-mini-9.27-3.24.1 ghostscript-mini-debuginfo-9.27-3.24.1 ghostscript-mini-debugsource-9.27-3.24.1 ghostscript-mini-devel-9.27-3.24.1 - SUSE Linux Enterprise Module for Basesystem 15-SP1 (aarch64 ppc64le s390x x86_64): ghostscript-9.27-3.24.1 ghostscript-debuginfo-9.27-3.24.1 ghostscript-debugsource-9.27-3.24.1 ghostscript-devel-9.27-3.24.1 ghostscript-x11-9.27-3.24.1 ghostscript-x11-debuginfo-9.27-3.24.1 - SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64): ghostscript-9.27-3.24.1 ghostscript-debuginfo-9.27-3.24.1 ghostscript-debugsource-9.27-3.24.1 ghostscript-devel-9.27-3.24.1 ghostscript-x11-9.27-3.24.1 ghostscript-x11-debuginfo-9.27-3.24.1 References: https://www.suse.com/security/cve/CVE-2019-14869.html https://bugzilla.suse.com/1156275 _______________________________________________ sle-security-updates mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. http://lists.suse.com/mailman/listinfo/sle-security-updates . SUSE Security Patch addresses critical vulnerability in Ghostscript: elevated threat level due to specially designed Postscript content.. SUSE Linux, Ghostscript Update, Security Fixes, Important Advisory, System Security. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Nov 15, 2019 Important SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here