Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 2,187 articles for you...
89

Fedora 44 python-jupyter-server High CVE Fixes 2026-dd1d19e58b

New version fixing high-severity CVE. New version of jupyter-server fixing various security vulnerabilities.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-dd1d19e58b 2026-07-05 01:07:02.694197+00:00 -------------------------------------------------------------------------------- Name : python-jupyter-server Product : Fedora 44 Version : 2.20.0 Release : 1.fc44 URL : https://jupyter-server.readthedocs.io Summary : The backend for Jupyter web applications Description : The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. -------------------------------------------------------------------------------- Update Information: New version fixing high-severity CVE. New version of jupyter-server fixing various security vulnerabilities. -------------------------------------------------------------------------------- ChangeLog: * Fri Jun 19 2026 Lumir Balhar - 2.20.0-1 - Update to 2.20.0 (rhbz#2489836) * Thu Jun 4 2026 Python Maint - 2.19.0-2 - Rebuilt for Python 3.15 * Mon Jun 1 2026 Lumir Balhar - 2.19.0-1 - Update to 2.19.0 (rhbz#2483209) * Mon May 11 2026 Lumir Balhar - 2.18.2-1 - Update to 2.18.2 (rhbz#2466683) * Tue May 5 2026 Lumir Balhar - 2.18.0-1 - Update to 2.18.0 (rhbz#2465646) * Tue Apr 14 2026 Tomáš Hrnčiar - 2.17.0-5 - Raise pytest upper bound to allow pytest 9 * Fri Mar 20 2026 Lumir Balhar - 2.17.0-4 - Ignore deprecation warnings from ptyprocess:pty to fix build with Python 3.15 alpha 7 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2484708 - CVE-2026-35397 python-jupyter-server: Jupyter Server: Unauthorized File Access via Path Traversal Vulnerability [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2484708 [ 2 ] Bug #2484713 - CVE-2026-40934 python-jupyter-server: Jupyter Server:Authentication bypass due to unrotated cookie secret [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2484713 [ 3 ] Bug #2485374 - CVE-2026-6657 python-jupyter-server: jupyter-server: Arbitrary code execution due to CORS origin validation bypass [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2485374 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-dd1d19e58b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Fixes high-severity security issue in Jupyter Server with improved vulnerabilities.. Jupyter Server Security Update, Fedora High Severity Vulnerabilities, Python Jupyter Server Fix. . Severity: high. LinuxSecurity.com Team

Calendar%202 Jul 04, 2026 high Fedora
89

Fedora 44 perl-YAML-Syck High Heap Overflow Threat CVE-2026-4177

YAML::Syck versions up to and including 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter. The heap overflow occurs when class names exceed the initial 512-byte allocation. The base64 decoder could read past the buffer end on trailing newlines. strtok mutated n-> type_id in place, corrupting shared node. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-a8d89d8ae2 2026-03-31 00:16:35.926016+00:00 -------------------------------------------------------------------------------- Name : perl-YAML-Syck Product : Fedora 44 Version : 1.39 Release : 1.fc44 URL : https://metacpan.org/release/YAML-Syck Summary : Fast, lightweight YAML loader and dumper Description : This module provides a Perl interface to the libsyck data serialization library. It exports the Dump and Load functions for converting Perl data structures to YAML strings, and the other way around. -------------------------------------------------------------------------------- Update Information: YAML::Syck versions up to and including 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter. The heap overflow occurs when class names exceed the initial 512-byte allocation. The base64 decoder could read past the buffer end on trailing newlines. strtok mutated n-> type_id in place, corrupting shared node data. A memory leak occurred in syck_hdlr_add_anchor when a node already had an anchor. The incoming anchor string 'a' was leaked on early return. -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 22 2026 Paul Howarth - 1.39-1 - Update to 1.39 Bug Fixes: - Fix: escape solidus (/) as \/ in JSON::Syck::Dump for XSS safety (GH#125, GH#130) - Fix: anchor tracking for blessed scalar refs in Dump (GH#126, GH#131) -Fix: prevent buffer underflow in base60 (sexagesimal) parsing (GH#133) - Fix: guard against NULL type from strtok in tag parsing (GH#135) - Fix: correct copy-paste bug in syck_seq_assign() ASSERT macros (GH#137) - Fix t/yaml-implicit-typing.t failure with -Duselongdouble perls (GH#138, GH#139) Improvements: - Resolve TODO tests for empty/invalid YAML to match actual behaviour (GH#127, GH#129) Maintenance: - Remove dead Perl 5.6 TODOs and convert 5.8 TODO to SKIP (GH#129) - Add comprehensive implicit type resolution test suite (GH#137) - Update MANIFEST to include all unit tests - Clean up test names to remove unnecessary numbering * Thu Mar 19 2026 Paul Howarth - 1.37-1 - Update to 1.37 Features: - Add LoadBytes, LoadUTF8, DumpBytes, DumpUTF8 functions (GH#51) Fixes: - Fix heap buffer overflow in the YAML emitter - CVE-2026-4177 (GH#67) - Fix DumpFile with tied filehandles (IO::String, IO::Scalar) (GH#22) - Fix _is_glob to recognize IO::Handle subclasses (GH#23) - Fix memory leak when dumping filehandles (CPAN RT#41199, GH#42) - Fix dumping of tied hashes (GH#31) - Fix dumping strings starting with '...' as unquoted plain scalars (GH#34) - Fix dumping strings with tabs and carriage returns as plain scalars (GH#59) - Fix double-dash YAML parsing (RT#34073, GH#35) - Fix extra newline after empty arrays/hashes in YAML output (GH#36) - Remove trailing whitespace from YAML output lines (GH#37, GH#38, GH#39) - Fix quoting of \r and \t in YAML output instead of emitting raw bytes (GH#40) - Fix growing !!perl/regexp objects in round-trips (GH#43) - Fix quoted '=' being transformed into 'str' (GH#45) - Fix backslash-space escape in double-quoted YAML strings (GH#61) - Fix flow sequence comma separator not recognized without trailing space (GH#60) - Fix wide character warning in DumpFile (GH#28) - Fix inline arrays without space after comma (GH#25) - Fix: quote strings matching YAML implicit types toprevent round-trip failures (GH#26) - Fix JSON::Syck::Dump to use JSON-valid \uXXXX escapes in output (GH#21) - Fix JSON::Syck::Load decoding of \/ and \uXXXX escape sequences (GH#30) - Fix: apply JSON postprocessing to JSON::Syck::DumpFile output (GH#104) - Fix: add tied-filehandle fallback to JSON::Syck::DumpFile (GH#98) - Fix: handle JSON escape sequences in SingleQuote mode Load (GH#99) - Fix: restore Perl 5.8 compatibility in test suite (GH#121) - Fix: correct copy-paste error in Makefile.PL clean target (GH#101) - Fix: correct $SortKeys POD default from false to true (GH#100) - Fix: correct POD documentation errors (GH#103) Maintenance: - Add C23-compatible function prototypes for GCC 15 compatibility (GH#112) - Silence macOS compiler warnings (GH#92) - Guard stdint.h include for portability (HP-UX 11.11) (GH#33) - Guard stdint.h include in syck_st.h for portability (GH#24) - Update ppport.h to 3.68 - Add regression tests for magical variable dumping (GH#32) - CI: modernize GitHub Actions workflow (GH#123, GH#124) - CI: add disttest job to validate MANIFEST completeness - Use %{make_build} and %{make_install} - Drop workaround for C23 incompatibility -------------------------------------------------------------------------------- References: [ 1 ] Bug #2448281 - CVE-2026-4177 perl-YAML-Syck: YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2448281 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-a8d89d8ae2' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key.More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . High severity buffer overflow vulnerabilities in YAML::Syck for Fedora 44 require urgent attention for maintaining system security.. Fedora Perl Security Heap Overflow YAML. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Mar 31, 2026 Critical Fedora
89

Fedora 44 gst-editing-services Update 1.28.1 2026-9cfb46ac78

1.28.1. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-9cfb46ac78 2026-03-14 00:15:28.464474+00:00 -------------------------------------------------------------------------------- Name : gst-editing-services Product : Fedora 44 Version : 1.28.1 Release : 1.fc44 URL : https://cgit.freedesktop.org/gstreamer/gst-editing-services/?__goaway_challenge=meta-refresh&__goaway_id=7a456481db14f26372c90c6290a4b235 Summary : Gstreamer editing services Description : This is a high-level library for facilitating the creation of audio/video non-linear editors. -------------------------------------------------------------------------------- Update Information: 1.28.1 -------------------------------------------------------------------------------- ChangeLog: * Thu Feb 26 2026 Gwyn Ciesla - 1.28.1-1 - 1.28.1 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-9cfb46ac78' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam,report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Update for gst-editing-services 1.28.1 on Fedora 44 addresses recent changes and improvements. Install via dnf now!. Fedora Update,gstreamer application,security advisory,high severity,update process. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Mar 14, 2026 Important Fedora
99

Slackware 15.0 libpng Significant Heap Overflow Patch SSA-2026-042-02

New libpng packages are available for Slackware 15.0 and -current to fix a security issue.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] libpng (SSA:2026-042-02) New libpng packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/libpng-1.6.55-i586-1_slack15.0.txz: Upgraded. Fixed a high severity security issue: Heap buffer overflow in `png_set_quantize`. Reported and fixed by Joshua Inscoe. For more information, see: https://www.cve.org/CVERecord?id=CVE-2026-25646 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/libpng-1.6.55-i586-1_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/libpng-1.6.55-x86_64-1_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/libpng-1.6.55-i686-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/libpng-1.6.55-x86_64-1.txz MD5 signatures: +-------------+ Slackware 15.0 package: b8c6388882ce11d9980511d631a7081f libpng-1.6.55-i586-1_slack15.0.txz Slackware x86_64 15.0 package: 980b9faf4fffacb2967c95501484d804 libpng-1.6.55-x86_64-1_slack15.0.txz Slackware -current package: 02382db893ab6faee7a1e58e40201bff l/libpng-1.6.55-i686-1.txz Slackware x86_64 -current package: 5cbe89190236dbdce06ab31194737284 l/libpng-1.6.55-x86_64-1.txz Installationinstructions: +------------------------+ Upgrade the package as root: # upgradepkg libpng-1.6.55-i586-1_slack15.0.txz +-----+ . New libpng packages for Slackware address a heap overflow security issue, requiring immediate updates for system protection.. libpng security fix. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Feb 11, 2026 Critical Slackware
89

Fedora 42: Chromium High CVE-2025-13630, 13631, 13632 Advisory

Update to 143.0.7499.40 * High CVE-2025-13630: Type Confusion in V8 * High CVE-2025-13631: Inappropriate implementation in Google Updater * High CVE-2025-13632: Inappropriate implementation in DevTools * High CVE-2025-13633: Use after free in Digital Credentials. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-a41df7ce46 2025-12-06 01:27:06.737466+00:00 -------------------------------------------------------------------------------- Name : chromium Product : Fedora 42 Version : 143.0.7499.40 Release : 1.fc42 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink). -------------------------------------------------------------------------------- Update Information: Update to 143.0.7499.40 * High CVE-2025-13630: Type Confusion in V8 * High CVE-2025-13631: Inappropriate implementation in Google Updater * High CVE-2025-13632: Inappropriate implementation in DevTools * High CVE-2025-13633: Use after free in Digital Credentials * Medium CVE-2025-13634: Inappropriate implementation in Downloads * Medium CVE-2025-13720: Bad cast in Loader * Medium CVE-2025-13721: Race in v8 * Low CVE-2025-13635: Inappropriate implementation in Downloads * Low CVE-2025-13636: Inappropriate implementation in Split View * Low CVE-2025-13637: Inappropriate implementation in Downloads * Low CVE-2025-13638: Use after free in Media Stream * Low CVE-2025-13639: Inappropriate implementation in WebRTC * Low CVE-2025-13640: Inappropriate implementation in Passwords -------------------------------------------------------------------------------- ChangeLog: * Tue Dec 2 2025 Than Ngo - 143.0.7499.40-1 - Update to 143.0.7499.40 * High CVE-2025-13630: Type Confusion in V8 * High CVE-2025-13631: Inappropriate implementation in GoogleUpdater * High CVE-2025-13632: Inappropriate implementation in DevTools * High CVE-2025-13633: Use after free in Digital Credentials * Medium CVE-2025-13634: Inappropriate implementation in Downloads * Medium CVE-2025-13720: Bad cast in Loader * Medium CVE-2025-13721: Race in v8 * Low CVE-2025-13635: Inappropriate implementation in Downloads * Low CVE-2025-13636: Inappropriate implementation in Split View * Low CVE-2025-13637: Inappropriate implementation in Downloads * Low CVE-2025-13638: Use after free in Media Stream * Low CVE-2025-13639: Inappropriate implementation in WebRTC * Low CVE-2025-13640: Inappropriate implementation in Passwords * Mon Dec 1 2025 LuK1337 - 142.0.7444.175-5 - Backport one more Wayland DnD bug fix from upstream * Mon Nov 24 2025 Than Ngo - 142.0.7444.175-4 - Enable system libcxx - Fix link error when building with system libcxx - Apply memory-allocator-dcheck-assert-fix for aarch64 * Thu Nov 20 2025 LuK1337 - 142.0.7444.175-3 - Backport Wayland DnD bug fix from upstream -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-a41df7ce46' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines ListArchives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Critical update for Chromium in Fedora 42 addresses multiple high-severity issues including type confusion and use after free.. Chromium Update, Fedora Browser Security, Type Confusion Fix. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Dec 06, 2025 Critical Fedora
172

Ubuntu 24.04 EDK II Critical Severity Vulnerability DoS USN-7894-3

USN-7894-1 introduced a regression in EDK II. ========================================================================== Ubuntu Security Notice USN-7894-2 November 28, 2025 edk2 regression ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: USN-7894-1 introduced a regression in EDK II Software Description: - edk2: UEFI firmware for virtual machines Details: USN-7894-1 fixed vulnerabilities in EDK II. The update introduced a regression in the UEFI network boot. This update reverts the corresponding fixes for CVE-2023-45236 and CVE-2023-45237 pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovered that EDK II was susceptible to a predictable TCP Initial Sequence Number. An attacker could possibly use this issue to gain unauthorized access. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. (CVE-2023-45236, CVE-2023-45237) It was discovered that EDK II incorrectly handled S3 sleep. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. (CVE-2024-1298) It was discovered that the EDK II PE/COFF loader incorrectly handled certain memory operations. An attacker could possibly use this issue to cause a denial of service, obtain sensitive information, or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. (CVE-2024-38796) It was discovered that the EDK II PE image hashing function incorrectly handled certain memory operations. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. (CVE-2024-38797) It was discovered that the EDK II BIOS incorrectly handled certain memory operations. An attacker could possibly use this issue to cause a denial of service. (CVE-2024-38805, CVE-2025-2295) It was discovered that EDK IIincorrectly handled the enabling of MCE. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. (CVE-2025-3770) It was discovered that the OpenSSL library embedded in EDK II contained multiple vulnerabilties. An attacker could possibly use these issues to cause a denial of service, obtain sensitive information, or execute arbitrary code. (CVE-2021-3712, CVE-2022-0778, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-2650, CVE-2023-3446, CVE-2023-3817, CVE-2023-5678, CVE-2023-6237, CVE-2024-0727, CVE-2024-13176, CVE-2024-2511, CVE-2024-41996, CVE-2024-4741, CVE-2024-5535, CVE-2024-6119, CVE-2024-9143, CVE-2025-9232) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS efi-shell-aa64 2024.02-2ubuntu0.7 efi-shell-arm 2024.02-2ubuntu0.7 efi-shell-ia32 2024.02-2ubuntu0.7 efi-shell-riscv64 2024.02-2ubuntu0.7 efi-shell-x64 2024.02-2ubuntu0.7 ovmf 2024.02-2ubuntu0.7 ovmf-ia32 2024.02-2ubuntu0.7 qemu-efi-aarch64 2024.02-2ubuntu0.7 qemu-efi-arm 2024.02-2ubuntu0.7 qemu-efi-riscv64 2024.02-2ubuntu0.7 Ubuntu 22.04 LTS ovmf 2022.02-3ubuntu0.22.04.5 ovmf-ia32 2022.02-3ubuntu0.22.04.5 qemu-efi 2022.02-3ubuntu0.22.04.5 qemu-efi-aarch64 2022.02-3ubuntu0.22.04.5 qemu-efi-arm 2022.02-3ubuntu0.22.04.5 After a standard system update you need to restart the virtual machines that use the affected firmware to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7894-2 https://ubuntu.com/security/notices/USN-7894-1 https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2133157 PackageInformation: https://launchpad.net/ubuntu/+source/edk2/2024.02-2ubuntu0.7 https://launchpad.net/ubuntu/+source/edk2/2022.02-3ubuntu0.22.04.5 . EDK II regression impacts Ubuntu 22.04 and 24.04 LTS, urging updates due to critical network boot issues.. Ubuntu security update, EDK II regression, Denial of Service issue, UEFI firmware vulnerabilities. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Nov 28, 2025 Critical Ubuntu
89

Fedora 41: Chromium High CVE-2025-916064e307 Type Confusion Issues

Update to 142.0.7444.59 * High CVE-2025-12428: Type Confusion in V8 * High CVE-2025-12429: Inappropriate implementation in V8 * High CVE-2025-12430: Object lifecycle issue in Media * High CVE-2025-12431: Inappropriate implementation in Extensions. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-916064e307 2025-11-07 02:35:35.301825+00:00 -------------------------------------------------------------------------------- Name : chromium Product : Fedora 41 Version : 142.0.7444.59 Release : 1.fc41 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink). -------------------------------------------------------------------------------- Update Information: Update to 142.0.7444.59 * High CVE-2025-12428: Type Confusion in V8 * High CVE-2025-12429: Inappropriate implementation in V8 * High CVE-2025-12430: Object lifecycle issue in Media * High CVE-2025-12431: Inappropriate implementation in Extensions * High CVE-2025-12432: Race in V8 * High CVE-2025-12433: Inappropriate implementation in V8 * High CVE-2025-12036: Inappropriate implementation in V8 * Medium CVE-2025-12434: Race in Storage * Medium CVE-2025-12435: Incorrect security UI in Omnibox * Medium CVE-2025-12436: Policy bypass in Extensions * Medium CVE-2025-12437: Use after free in PageInfo * Medium CVE-2025-12438: Use after free in Ozone * Medium CVE-2025-12439: Inappropriate implementation in App-Bound Encryption * Low CVE-2025-12440: Inappropriate implementation in Autofill * Medium CVE-2025-12441: Out of bounds read in V8 * Medium CVE-2025-12443: Out of bounds read in WebXR * Low CVE-2025-12444: Incorrect security UI in Fullscreen UI * Low CVE-2025-12445: Policy bypass in Extensions * LowCVE-2025-12446: Incorrect security UI in SplitView * Low CVE-2025-12447: Incorrect security UI in Omnibox -------------------------------------------------------------------------------- ChangeLog: * Thu Oct 30 2025 Than Ngo - 142.0.7444.59-1 - Update to 142.0.7444.59 * Refreshed ppc64le patches * Refreshed system-brotli patch * Refreshed clang++-unknown-argument patch * Refreshed split-threshold-for-reg-with-hint patch * Fixed some FTBFS caused by missing header files * Fixed FTBFS caused by old rust compiler * Fixed FTBFS caused by new glibc-2.42 in Rawhide * Fixed FTBFS caused by old python-3.9.x in EL8/9 * Dropped obsoleted chromium-141-el9-ffmpeg-5.x-duration.patch for old ffmpeg on EL9 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-916064e307' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Critical update for Fedora 41's Chromium addresses multiple high-severity vulnerabilities due to various implementation issues.. fedora41, chromium browser, high severity updates, security issues, type confusion vulnerabilities. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Nov 07, 2025 Critical Fedora
202

openSUSE Leap 15.6: SUSE-SU-2025:01716-1 moderate: mariadb network threat

An update that solves one vulnerability can now be installed.. # Security update for mariadb Announcement ID: SUSE-SU-2025:01716-1 Release Date: 2025-05-27T12:44:15Z Rating: moderate References: * bsc#1243356 Cross-References: * CVE-2025-21490 CVSS scores: * CVE-2025-21490 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-21490 ( SUSE ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2025-21490 ( NVD ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Affected Products: * Galera for Ericsson 15 SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for mariadb fixes the following issues: Update to version 10.11.11. * CVE-2025-21490: vulnerability allows high privileged attacker with network access to cause hangs and frequent crashes on affected servers (bsc#1243356). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-1716=1 openSUSE-SLE-15.6-2025-1716=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1716=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1716=1 * Galera for Ericsson 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-ERICSSON-2025-1716=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * mariadb-rpm-macros-10.11.11-150600.4.10.1 * libmariadbd19-debuginfo-10.11.11-150600.4.10.1 *mariadb-debugsource-10.11.11-150600.4.10.1 * mariadb-galera-10.11.11-150600.4.10.1 * mariadb-client-debuginfo-10.11.11-150600.4.10.1 * mariadb-test-10.11.11-150600.4.10.1 * mariadb-client-10.11.11-150600.4.10.1 * mariadb-debuginfo-10.11.11-150600.4.10.1 * mariadb-10.11.11-150600.4.10.1 * mariadb-bench-debuginfo-10.11.11-150600.4.10.1 * mariadb-test-debuginfo-10.11.11-150600.4.10.1 * libmariadbd19-10.11.11-150600.4.10.1 * libmariadbd-devel-10.11.11-150600.4.10.1 * mariadb-tools-10.11.11-150600.4.10.1 * mariadb-bench-10.11.11-150600.4.10.1 * mariadb-tools-debuginfo-10.11.11-150600.4.10.1 * openSUSE Leap 15.6 (noarch) * mariadb-errormessages-10.11.11-150600.4.10.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * mariadb-debuginfo-10.11.11-150600.4.10.1 * mariadb-debugsource-10.11.11-150600.4.10.1 * mariadb-galera-10.11.11-150600.4.10.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libmariadbd19-debuginfo-10.11.11-150600.4.10.1 * mariadb-debugsource-10.11.11-150600.4.10.1 * mariadb-client-debuginfo-10.11.11-150600.4.10.1 * mariadb-client-10.11.11-150600.4.10.1 * mariadb-debuginfo-10.11.11-150600.4.10.1 * mariadb-10.11.11-150600.4.10.1 * libmariadbd19-10.11.11-150600.4.10.1 * mariadb-tools-10.11.11-150600.4.10.1 * libmariadbd-devel-10.11.11-150600.4.10.1 * mariadb-tools-debuginfo-10.11.11-150600.4.10.1 * Server Applications Module 15-SP6 (noarch) * mariadb-errormessages-10.11.11-150600.4.10.1 * Galera for Ericsson 15 SP6 (x86_64) * mariadb-debuginfo-10.11.11-150600.4.10.1 * mariadb-debugsource-10.11.11-150600.4.10.1 * mariadb-galera-10.11.11-150600.4.10.1 ## References: * https://www.suse.com/security/cve/CVE-2025-21490.html * https://bugzilla.suse.com/show_bug.cgi?id=1243356 . The latest mariadb update resolves a significant vulnerability in openSUSE, bolstering both security and system reliability with the newly released patch.. openSUSESecurity Update, MariaDB Patch, Network Vulnerability Fix. . LinuxSecurity.com Team

Calendar%202 May 28, 2025 OpenSUSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200