Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

SUSE: 2020:14460-1 Important: Squid3 Denial Of Service and Code Execution

SUSE Security Update: Security update for squid3
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:14460-1
Rating:             important
References:         #1140738 #1141329 #1141332 #1156323 #1156324 #1156326
                    #1156328 #1156329 #1162687 #1162689 #1162691 #1167373
                    #1169659 #1170313 #1170423 #1173304 #1173455
Cross-References:   CVE-2019-12519 CVE-2019-12520 CVE-2019-12521
                    CVE-2019-12523 CVE-2019-12524 CVE-2019-12525
                    CVE-2019-12526 CVE-2019-12528 CVE-2019-12529
                    CVE-2019-13345 CVE-2019-18676 CVE-2019-18677
                    CVE-2019-18678 CVE-2019-18679 CVE-2019-18860
                    CVE-2020-11945 CVE-2020-14059 CVE-2020-15049
                    CVE-2020-8449 CVE-2020-8450 CVE-2020-8517
Affected Products:
                    SUSE Linux Enterprise Server 11-SP4-LTSS
                    SUSE Linux Enterprise Point of Sale 11-SP3
                    SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________

An update that fixes 21 vulnerabilities is now available.

Description:

This update for squid3 fixes the following issues:

- Fixed a Cache Poisoning and Request Smuggling attack (CVE-2020-15049,
  bsc#1173455)
- Fixed incorrect buffer handling that can result in cache poisoning,
  remote execution, and denial of service attacks when processing ESI
  responses (CVE-2019-12519, CVE-2019-12521, bsc#1169659)
- Fixed handling of hostname in cachemgr.cgi (CVE-2019-18860, bsc#1167373)
- Fixed a potential remote execution vulnerability when using HTTP Digest
  Authentication (CVE-2020-11945, bsc#1170313)
- Fixed a potential ACL bypass, cache-bypass and cross-site scripting
  attack when processing invalid HTTP Request messages (CVE-2019-12520,
  CVE-2019-12524, bsc#1170423)
- Fixed a potential denial of service when processing TLS certificates
  during HTTPS connections (CVE-2020-14059, bsc#1173304)
- Fixed a potential denial of service associated with incorrect buffer
  management of HTTP Basic Authentication credentials (bsc#1141329,
  CVE-2019-12529)
- Fixed an incorrect buffer management resulting in vulnerability to a
  denial of service during processing of HTTP Digest Authentication
  credentials (bsc#1141332, CVE-2019-12525)
- Fix XSS via user_name or auth parameter in cachemgr.cgi (bsc#1140738,
  CVE-2019-13345)
- Fixed a potential code execution vulnerability (CVE-2019-12526,
  bsc#1156326)
- Fixed HTTP Request Splitting in HTTP message processing and information
  disclosure in HTTP Digest Authentication (CVE-2019-18678,
  CVE-2019-18679, bsc#1156323, bsc#1156324)
- Fixed a security issue allowing a remote client the ability to cause a
  buffer overflow when squid is acting as reverse-proxy (CVE-2020-8449,
  CVE-2020-8450, bsc#1162687)
- Fixed a security issue allowing for information disclosure in FTP
  gateway (CVE-2019-12528, bsc#1162689)
- Fixed a security issue in ext_lm_group_acl when processing NTLM
  Authentication credentials (CVE-2020-8517, bsc#1162691)
- Fixed Cross-Site Request Forgery in HTTP Request processing
  (CVE-2019-18677, bsc#1156328)
- Disable urn parsing and parsing of unknown schemes (bsc#1156329,
  CVE-2019-12523, CVE-2019-18676)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Server 11-SP4-LTSS:

  zypper in -t patch slessp4-squid3-14460=1

- SUSE Linux Enterprise Point of Sale 11-SP3:

  zypper in -t patch sleposp3-squid3-14460=1

- SUSE Linux Enterprise Debuginfo 11-SP4:

  zypper in -t patch dbgsp4-squid3-14460=1

Package List:

- SUSE Linux Enterprise Server 11-SP4-LTSS (i586 ppc64 s390x x86_64):

  squid3-3.1.23-8.16.37.12.1

- SUSE Linux Enterprise Point of Sale 11-SP3 (i586):

  squid3-3.1.23-8.16.37.12.1

- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ppc64 s390x x86_64):

  squid3-debuginfo-3.1.23-8.16.37.12.1
  squid3-debugsource-3.1.23-8.16.37.12.1

References:

  https://www.suse.com/security/cve/CVE-2019-12519.html
  https://www.suse.com/security/cve/CVE-2019-12520.html
  https://www.suse.com/security/cve/CVE-2019-12521.html
  https://www.suse.com/security/cve/CVE-2019-12523.html
  https://www.suse.com/security/cve/CVE-2019-12524.html
  https://www.suse.com/security/cve/CVE-2019-12525.html
  https://www.suse.com/security/cve/CVE-2019-12526.html
  https://www.suse.com/security/cve/CVE-2019-12528.html
  https://www.suse.com/security/cve/CVE-2019-12529.html
  https://www.suse.com/security/cve/CVE-2019-13345.html
  https://www.suse.com/security/cve/CVE-2019-18676.html
  https://www.suse.com/security/cve/CVE-2019-18677.html
  https://www.suse.com/security/cve/CVE-2019-18678.html
  https://www.suse.com/security/cve/CVE-2019-18679.html
  https://www.suse.com/security/cve/CVE-2019-18860.html
  https://www.suse.com/security/cve/CVE-2020-11945.html
  https://www.suse.com/security/cve/CVE-2020-14059.html
  https://www.suse.com/security/cve/CVE-2020-15049.html
  https://www.suse.com/security/cve/CVE-2020-8449.html
  https://www.suse.com/security/cve/CVE-2020-8450.html
  https://www.suse.com/security/cve/CVE-2020-8517.html
  https://bugzilla.suse.com/1140738
  https://bugzilla.suse.com/1141329
  https://bugzilla.suse.com/1141332
  https://bugzilla.suse.com/1156323
  https://bugzilla.suse.com/1156324
  https://bugzilla.suse.com/1156326
  https://bugzilla.suse.com/1156328
  https://bugzilla.suse.com/1156329
  https://bugzilla.suse.com/1162687
  https://bugzilla.suse.com/1162689
  https://bugzilla.suse.com/1162691
  https://bugzilla.suse.com/1167373
  https://bugzilla.suse.com/1169659
  https://bugzilla.suse.com/1170313
  https://bugzilla.suse.com/1170423
  https://bugzilla.suse.com/1173304
  https://bugzilla.suse.com/1173455

_______________________________________________
sle-security-updates mailing list
http://lists.suse.com/mailman/listinfo/sle-security-updates

Severity: Important.
LinuxSecurity.com Team

Aug 24, 2020 | Important | SuSE

Slackware: 2005-310-04 Moderate: Apache Http Request Splitting

[slackware-security]  apache (SSA:2005-310-04)

New apache packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1,
10.2, and -current to fix potential security issues:

  * If a request contains both Transfer-Encoding and Content-Length
    headers, remove the Content-Length, mitigating some HTTP Request
    Splitting/Spoofing attacks.

  * Added TraceEnable [on|off|extended] per-server directive to alter
    the behavior of the TRACE method.

It's hard to say how much real-world impact these have, as there's no more
information about that in the announcement. The original Apache announcement
can be read here:

Note that if you use mod_ssl, you will also need a new mod_ssl package. These
have been provided for the same releases of Slackware.

Here are the details from the Slackware 10.2 ChangeLog:
+--------------------------+
patches/packages/apache-1.3.34-i486-1.tgz:  Upgraded to apache-1.3.34.
  Fixes this minor security bug:  "If a request contains both
  Transfer-Encoding and Content-Length headers, remove the Content-Length,
  mitigating some HTTP Request Splitting/Spoofing attacks."
  (* Security fix *)
patches/packages/mod_ssl-2.8.25_1.3.34-i486-1.tgz:
  Upgraded to mod_ssl-2.8.25-1.3.34.
+--------------------------+

Where to find the new packages:
+-----------------------------+

Updated packages for Slackware 8.1:

Updated packages for Slackware 9.0:

Updated packages for Slackware 9.1:

Updated packages for Slackware 10.0:

Updated packages for Slackware 10.1:

Updated packages for Slackware 10.2:

Updated packages for Slackware -current:

MD5 signatures:
+-------------+

Installation instructions:
+------------------------+

First, stop apache:

   # apachectl stop

Then, upgrade the apache package:

   # upgradepkg apache-1.3.34-i486-1.tgz

If you use mod_ssl, you'll also need to upgrade that package. The upgrade
should save the important config files for mod_ssl; nevertheless, it's a good
idea to back up any keys/certificates you wish to save for mod_ssl (in
/etc/apache/ssl.*), then upgrade mod_ssl:

   # upgradepkg mod_ssl-2.8.25_1.3.34-i486-1.tgz

If necessary, restore any mod_ssl config files.

Finally, restart apache:

   # apachectl start

Or, if you use mod_ssl:

   # apachectl startssl

+-----+

Severity: Important.
LinuxSecurity.com Team

Nov 06, 2005 | Important | Slackware