Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian LTS openssl Important Use-After-Free NULL Pointer Issues DLA-4624-1

Calendar White Jun 09, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 alsa-lib Important Denial of Service Fix USN-8044-2

Calendar White Jun 09, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS node-shell-quote Important Denial of Service CVE-2026-9277

Calendar White Jun 09, 2026
Important
Mageia Large Esm H800
Mageia

Mageia 9 Suricata Critical Performance Security Issues MGASA-2026-0181

Calendar White Jun 09, 2026
Critical
Mageia Large Esm H900
Mageia

Mageia 9 PackageKit Important TOCTOU Race Escalation CVE-2026-41651

Calendar White Jun 09, 2026
Important
Mageia Large Esm H900
Mageia

Mageia 9 Unbound Critical Remote Code Execution Advisory 2026-0034

Calendar White Jun 09, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 26.04 LTS Netatalk Multiple Security Issues USN-8395-1

Calendar White Jun 09, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 43 mingw-objfw 1.5.5 Update Security Fix FEDORA-2026-de23fedf3e

Calendar White Jun 08, 2026
Fedora Large Esm H900
Fedora

Fedora 43 objfw Important Update 1.5.5 Bug Fixes June 2026

Calendar White Jun 08, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -4 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorymoderatephp update

SUSE: 2023:2096-1 Moderate: Bci/Php-Apache Security Fix: CVE-2023-3247

The container bci/php-apache was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/php-apache ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:2096-1 Container Tags : bci/php-apache:8 , bci/php-apache:8-4.6 Container Release : 4.6 Severity : moderate Type : security References : 1212349 CVE-2023-3247 ----------------------------------------------------------------- The container bci/php-apache was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:2610-1 Released: Thu Jun 22 09:53:34 2023 Summary: Security update for php8 Type: security Severity: moderate References: 1212349,CVE-2023-3247 This update for php8 fixes the following issues: - CVE-2023-3247: Fixed missing error check and insufficient random bytes in HTTP Digest authentication for SOAP (bsc#1212349). The following package changes have been done: - php8-cli-8.0.29-150400.4.34.1 updated - php8-8.0.29-150400.4.34.1 updated - apache2-mod_php8-8.0.29-150400.4.34.1 updated - php8-openssl-8.0.29-150400.4.34.1 updated - php8-mbstring-8.0.29-150400.4.34.1 updated - php8-zlib-8.0.29-150400.4.34.1 updated - php8-zip-8.0.29-150400.4.34.1 updated - php8-curl-8.0.29-150400.4.34.1 updated - php8-phar-8.0.29-150400.4.34.1 updated . SUSE Container Update Advisory for bci/python-django addresses vulnerabilities, particularly an oversight in input validation during user login processes.. bci/php-apache, Container Update, php security, SUSE advisory. . LinuxSecurity.com Team

Calendar 2 Jun 23, 2023 SuSE
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorydenial of servicedebian

Debian 10 DLA-3246-1 Critical Node-Hawk Denial Of Service Advisory

It was discovered that there was an issue in Hawk, an HTTP authentication scheme. Hawk used a regular expression to parse `Host` HTTP headers which was subject to regular expression DoS attack. Each added character in the attacker's input increased the computation . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3246-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Chris Lamb December 23, 2022 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : node-hawk Version : 6.0.1+dfsg-1+deb10u1 CVE IDs : CVE-2022-29167 It was discovered that there was an issue in Hawk, an HTTP authentication scheme. Hawk used a regular expression to parse `Host` HTTP headers which was subject to regular expression DoS attack. Each added character in the attacker's input increased the computation time exponentially. For Debian 10 buster, this problem has been fixed in version 6.0.1+dfsg-1+deb10u1. We recommend that you upgrade your node-hawk packages. For the detailed security status of node-hawk please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/node-hawk Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Debian LTS Advisory DLA-3250-1 highlights a critical vulnerability in the package node-xyz. It is advised to upgrade promptly to enhance system protection.. Debian LTS, Node-Hawk, DoS Attack, HTTP Authentication. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Dec 23, 2022 Critical Debian LTS
Banner 4 1028x280 1708121825 1771600306
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorymoderatefedora

Fedora 34: FEDORA-2021-f59bda7d94 moderate: Lynx HTTP Auth Issue

- fix disclosure of HTTP auth credentials via SNI data (CVE-2021-38165). --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-f59bda7d94 2021-09-08 15:05:54.167624 --------------------------------------------------------------------------------Name : lynx Product : Fedora 34 Version : 2.8.9 Release : 13.fc34 URL : http://lynx.browser.org/ Summary : A text-based Web browser Description : Lynx is a text-based Web browser. Lynx does not display any images, but it does support frames, tables, and most other HTML tags. One advantage Lynx has over graphical browsers is speed; Lynx starts and exits quickly and swiftly displays web pages. --------------------------------------------------------------------------------Update Information: - fix disclosure of HTTP auth credentials via SNI data (CVE-2021-38165) --------------------------------------------------------------------------------ChangeLog: * Tue Aug 31 2021 Kamil Dudka - 2.8.9-13 - fix disclosure of HTTP auth credentials via SNI data (CVE-2021-38165) * Thu Jul 22 2021 Fedora Release Engineering - 2.8.9-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild --------------------------------------------------------------------------------References: [ 1 ] Bug #1994998 - CVE-2021-38165 lynx: Disclosure of HTTP authentication credentials via SNI data https://bugzilla.redhat.com/show_bug.cgi?id=1994998 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-f59bda7d94' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Resolution for leakage of HTTP auth credentials in Lynx on Fedora caused by SNI exposure.. HTTP Auth Credentials, Lynx Security Fix, Fedora Updates, SNI Data Issue. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Sep 08, 2021 Important Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoracritical

Fedora 29: FEDORA-2019-fa61af95b3 Critical: Aria2 HTTP Leak Fix

Fix Password leak for HTTP based authentication CVE-2019-3500 (rhbz #1663991 #1663992 #1663993). --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2019-fa61af95b3 2019-04-29 02:14:28.000794 --------------------------------------------------------------------------------Name : aria2 Product : Fedora 29 Version : 1.34.0 Release : 4.fc29 URL : http://aria2.github.io/ Summary : High speed download utility with resuming and segmented downloading Description : aria2 is a download utility with resuming and segmented downloading. Supported protocols are HTTP/HTTPS/FTP/BitTorrent. It also supports Metalink version 3.0. Currently it has following features: - HTTP/HTTPS GET support - HTTP Proxy support - HTTP BASIC authentication support - HTTP Proxy authentication support - FTP support(active, passive mode) - FTP through HTTP proxy(GET command or tunneling) - Segmented download - Cookie support - It can run as a daemon process. - BitTorrent protocol support with fast extension. - Selective download in multi-file torrent - Metalink version 3.0 support(HTTP/FTP/BitTorrent). - Limiting download/upload speed --------------------------------------------------------------------------------Update Information: Fix Password leak for HTTP based authentication CVE-2019-3500 (rhbz #1663991 #1663992 #1663993) --------------------------------------------------------------------------------ChangeLog: * Wed Mar 27 2019 Athmane Madjoudj - 1.34.0-4 - Fix Password leak for HTTP based authentication CVE-2019-3500 (rhbz #1663991 #1663992 #1663993) * Thu Jan 31 2019 Fedora Release Engineering - 1.34.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild --------------------------------------------------------------------------------References: [ 1 ] Bug #1663991 - CVE-2019-3500 aria2: Password leak for HTTP based authentication https://bugzilla.redhat.com/show_bug.cgi?id=1663991 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-fa61af95b3' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Fedora 29 users must address a serious aria2 password leak vulnerability by applying critical updates for enhanced security through the recommended commands. aria2 Update,Fedora Security,Authentication Fix,Password Leak,Critical Update. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Apr 28, 2019 Critical Fedora
Banner 4 1028x280 1708121825 1771600306
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraupdate

Fedora 30: 2019-248ad990b4 Critical: Aria2 Password Leak Fix

Fix Password leak for HTTP based authentication CVE-2019-3500 (rhbz #1663991 #1663992 #1663993). --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2019-248ad990b4 2019-04-13 00:02:00.007274 --------------------------------------------------------------------------------Name : aria2 Product : Fedora 30 Version : 1.34.0 Release : 4.fc30 URL : http://aria2.github.io/ Summary : High speed download utility with resuming and segmented downloading Description : aria2 is a download utility with resuming and segmented downloading. Supported protocols are HTTP/HTTPS/FTP/BitTorrent. It also supports Metalink version 3.0. Currently it has following features: - HTTP/HTTPS GET support - HTTP Proxy support - HTTP BASIC authentication support - HTTP Proxy authentication support - FTP support(active, passive mode) - FTP through HTTP proxy(GET command or tunneling) - Segmented download - Cookie support - It can run as a daemon process. - BitTorrent protocol support with fast extension. - Selective download in multi-file torrent - Metalink version 3.0 support(HTTP/FTP/BitTorrent). - Limiting download/upload speed --------------------------------------------------------------------------------Update Information: Fix Password leak for HTTP based authentication CVE-2019-3500 (rhbz #1663991 #1663992 #1663993) --------------------------------------------------------------------------------References: [ 1 ] Bug #1663991 - CVE-2019-3500 aria2: Password leak for HTTP based authentication https://bugzilla.redhat.com/show_bug.cgi?id=1663991 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-248ad990b4' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages aresigned with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Fedora 30 patch aria2 security update resolves serious credential exposure for HTTP auth, CVE-2019-3501.. Aria2 Update, Fedora Security Advisory, HTTP Authentication Fix. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Apr 12, 2019 Critical Fedora
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here