Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

SciLinux: SLSA-2014:1166-1 Important: Thunderbird Security Update

Important: thunderbird security update.

Date: Mon, 8 Sep 2014 19:16:30 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
From: Pat Riehecky
Subject: Important: jakarta-commons-httpclient on SL5.x, SL6.x i386/x86_64
MIME-Version: 1.0

Synopsis: Important: thunderbird security update
Advisory ID: SLSA-2014:1166-1
Issue Date: 2014-09-08
CVE Numbers: CVE-2014-3577
--

It was discovered that the HTTPClient incorrectly extracted host name from an X.509 certificate subject's Common Name (CN) field. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate. (CVE-2014-3577)
--

SL5
  x86_64
    jakarta-commons-httpclient-debuginfo-3.0-7jpp.4.el5_10.x86_64.rpm
    jakarta-commons-httpclient-demo-3.0-7jpp.4.el5_10.x86_64.rpm
    jakarta-commons-httpclient-javadoc-3.0-7jpp.4.el5_10.x86_64.rpm
    jakarta-commons-httpclient-manual-3.0-7jpp.4.el5_10.x86_64.rpm
  i386
    jakarta-commons-httpclient-3.0-7jpp.4.el5_10.i386.rpm
    jakarta-commons-httpclient-debuginfo-3.0-7jpp.4.el5_10.i386.rpm
    jakarta-commons-httpclient-demo-3.0-7jpp.4.el5_10.i386.rpm
    jakarta-commons-httpclient-javadoc-3.0-7jpp.4.el5_10.i386.rpm
    jakarta-commons-httpclient-manual-3.0-7jpp.4.el5_10.i386.rpm
SL6
  x86_64
    jakarta-commons-httpclient-3.1-0.9.el6_5.x86_64.rpm
    jakarta-commons-httpclient-debuginfo-3.1-0.9.el6_5.x86_64.rpm
    jakarta-commons-httpclient-demo-3.1-0.9.el6_5.x86_64.rpm
    jakarta-commons-httpclient-javadoc-3.1-0.9.el6_5.x86_64.rpm
    jakarta-commons-httpclient-manual-3.1-0.9.el6_5.x86_64.rpm
  i386
    jakarta-commons-httpclient-3.1-0.9.el6_5.i686.rpm
    jakarta-commons-httpclient-debuginfo-3.1-0.9.el6_5.i686.rpm
    jakarta-commons-httpclient-demo-3.1-0.9.el6_5.i686.rpm
    jakarta-commons-httpclient-javadoc-3.1-0.9.el6_5.i686.rpm
    jakarta-commons-httpclient-manual-3.1-0.9.el6_5.i686.rpm

- Scientific Linux Development Team

Important security update for Thunderbird with a fix for a potential man-in-the-middle attack exploit.

Keywords: important security update, thunderbird advisory, Scientific Linux security, HTTPClient issue
Severity: Important
LinuxSecurity.com Team

Sep 08, 2014 | Important | Scientific Linux

Red Hat Developer Toolset 6 RHSA-2014:1098-01 Important SSL Spoofing

Updated devtoolset-2-httpcomponents-client packages that fix one security issue are now available for Red Hat Developer Toolset 2. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

====================================================================
Red Hat Security Advisory

Synopsis: Important: devtoolset-2-httpcomponents-client security update
Advisory ID: RHSA-2014:1098-01
Product: Red Hat Developer Toolset
Advisory URL: https://access.redhat.com/errata/RHSA-2014:1098.html
Issue date: 2014-08-26
CVE Names: CVE-2012-6153
====================================================================

1. Summary:

Updated devtoolset-2-httpcomponents-client packages that fix one security issue are now available for Red Hat Developer Toolset 2.

Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Developer Toolset 2 for Red Hat Enterprise Linux 6 Server - noarch
Red Hat Developer Toolset 2 for Red Hat Enterprise Linux 6 Workstation - noarch

3. Description:

HttpClient is an HTTP/1.1 compliant HTTP agent implementation based on httpcomponents HttpCore.

It was discovered that the HttpClient incorrectly extracted host name from an X.509 certificate subject's Common Name (CN) field. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate. (CVE-2012-6153)

This issue was discovered by Florian Weimer of Red Hat Product Security.

For additional information on this flaw, refer to the Knowledgebase article in the References section.

All devtoolset-2-httpcomponents-client users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1129916 - CVE-2012-6153 Apache HttpComponents client: SSL hostname verification bypass, incomplete CVE-2012-5783 fix

6. Package List:

Red Hat Developer Toolset 2 for Red Hat Enterprise Linux 6 Server:
  Source:
    devtoolset-2-httpcomponents-client-4.2.1-6.el6.src.rpm
  noarch:
    devtoolset-2-httpcomponents-client-4.2.1-6.el6.noarch.rpm
    devtoolset-2-httpcomponents-client-javadoc-4.2.1-6.el6.noarch.rpm

Red Hat Developer Toolset 2 for Red Hat Enterprise Linux 6 Workstation:
  Source:
    devtoolset-2-httpcomponents-client-4.2.1-6.el6.src.rpm
  noarch:
    devtoolset-2-httpcomponents-client-4.2.1-6.el6.noarch.rpm
    devtoolset-2-httpcomponents-client-javadoc-4.2.1-6.el6.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://access.redhat.com/security/cve/CVE-2012-6153
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/solutions/1165533

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2014 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFT/LsoXlSAg2UNWIIRApN1AJ9tc8nvLkxn0SEciX5J2+ZXDQYjXwCeKWSa
EzdFsO90RKKMUrM8lz+8cvc=6bG/
-----END PGP SIGNATURE-----

--
Enterprise-watch-list mailing list

Crucial news regarding the Red Hat Developer Toolset addresses the HTTP client SSL vulnerability, improving overall security measures.

Keywords: HTTP Client, SSL Spoofing, Red Hat Security Advisory, devtoolset-2, httpcomponents-client
Severity: Important
LinuxSecurity.com Team

Aug 26, 2014 | Important | Red Hat

Red Hat Enterprise Linux 5 & 6 Moderate: RHSA-2013:0270 SSL Spoofing

Updated jakarta-commons-httpclient packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate [More...].

====================================================================
Red Hat Security Advisory

Synopsis: Moderate: jakarta-commons-httpclient security update
Advisory ID: RHSA-2013:0270-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2013:0270.html
Issue date: 2013-02-19
CVE Names: CVE-2012-5783
====================================================================

1. Summary:

Updated jakarta-commons-httpclient packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The Jakarta Commons HttpClient component can be used to build HTTP-aware client applications (such as web browsers and web service clients).

The Jakarta Commons HttpClient component did not verify that the server hostname matched the domain name in the subject's Common Name (CN) or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name. (CVE-2012-5783)

All users of jakarta-commons-httpclient are advised to upgrade to these updated packages, which correct this issue. Applications using the Jakarta Commons HttpClient component must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (http://bugzilla.redhat.com/):

873317 - CVE-2012-5783 jakarta-commons-httpclient: missing connection hostname check against X.509 certificate name

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):
  Source:
  i386:
    jakarta-commons-httpclient-3.0-7jpp.2.i386.rpm
    jakarta-commons-httpclient-debuginfo-3.0-7jpp.2.i386.rpm
  x86_64:
    jakarta-commons-httpclient-3.0-7jpp.2.x86_64.rpm
    jakarta-commons-httpclient-debuginfo-3.0-7jpp.2.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):
  Source:
  i386:
    jakarta-commons-httpclient-debuginfo-3.0-7jpp.2.i386.rpm
    jakarta-commons-httpclient-demo-3.0-7jpp.2.i386.rpm
    jakarta-commons-httpclient-javadoc-3.0-7jpp.2.i386.rpm
    jakarta-commons-httpclient-manual-3.0-7jpp.2.i386.rpm
  x86_64:
    jakarta-commons-httpclient-debuginfo-3.0-7jpp.2.x86_64.rpm
    jakarta-commons-httpclient-demo-3.0-7jpp.2.x86_64.rpm
    jakarta-commons-httpclient-javadoc-3.0-7jpp.2.x86_64.rpm
    jakarta-commons-httpclient-manual-3.0-7jpp.2.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):
  Source:
  i386:
    jakarta-commons-httpclient-3.0-7jpp.2.i386.rpm
    jakarta-commons-httpclient-debuginfo-3.0-7jpp.2.i386.rpm
    jakarta-commons-httpclient-demo-3.0-7jpp.2.i386.rpm
    jakarta-commons-httpclient-javadoc-3.0-7jpp.2.i386.rpm
    jakarta-commons-httpclient-manual-3.0-7jpp.2.i386.rpm
  ia64:
    jakarta-commons-httpclient-3.0-7jpp.2.ia64.rpm
    jakarta-commons-httpclient-debuginfo-3.0-7jpp.2.ia64.rpm
    jakarta-commons-httpclient-demo-3.0-7jpp.2.ia64.rpm
    jakarta-commons-httpclient-javadoc-3.0-7jpp.2.ia64.rpm
    jakarta-commons-httpclient-manual-3.0-7jpp.2.ia64.rpm
  ppc:
    jakarta-commons-httpclient-3.0-7jpp.2.ppc.rpm
    jakarta-commons-httpclient-debuginfo-3.0-7jpp.2.ppc.rpm
    jakarta-commons-httpclient-demo-3.0-7jpp.2.ppc.rpm
    jakarta-commons-httpclient-javadoc-3.0-7jpp.2.ppc.rpm
    jakarta-commons-httpclient-manual-3.0-7jpp.2.ppc.rpm
  s390x:
    jakarta-commons-httpclient-3.0-7jpp.2.s390x.rpm
    jakarta-commons-httpclient-debuginfo-3.0-7jpp.2.s390x.rpm
    jakarta-commons-httpclient-demo-3.0-7jpp.2.s390x.rpm
    jakarta-commons-httpclient-javadoc-3.0-7jpp.2.s390x.rpm
    jakarta-commons-httpclient-manual-3.0-7jpp.2.s390x.rpm
  x86_64:
    jakarta-commons-httpclient-3.0-7jpp.2.x86_64.rpm
    jakarta-commons-httpclient-debuginfo-3.0-7jpp.2.x86_64.rpm
    jakarta-commons-httpclient-demo-3.0-7jpp.2.x86_64.rpm
    jakarta-commons-httpclient-javadoc-3.0-7jpp.2.x86_64.rpm
    jakarta-commons-httpclient-manual-3.0-7jpp.2.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 6):
  Source:
  i386:
    jakarta-commons-httpclient-3.1-0.7.el6_3.i686.rpm
    jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.i686.rpm
  x86_64:
    jakarta-commons-httpclient-3.1-0.7.el6_3.x86_64.rpm
    jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):
  Source:
  i386:
    jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.i686.rpm
    jakarta-commons-httpclient-demo-3.1-0.7.el6_3.i686.rpm
    jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3.i686.rpm
    jakarta-commons-httpclient-manual-3.1-0.7.el6_3.i686.rpm
  x86_64:
    jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.x86_64.rpm
    jakarta-commons-httpclient-demo-3.1-0.7.el6_3.x86_64.rpm
    jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3.x86_64.rpm
    jakarta-commons-httpclient-manual-3.1-0.7.el6_3.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):
  Source:
  x86_64:
    jakarta-commons-httpclient-3.1-0.7.el6_3.x86_64.rpm
    jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):
  Source:
  x86_64:
    jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.x86_64.rpm
    jakarta-commons-httpclient-demo-3.1-0.7.el6_3.x86_64.rpm
    jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3.x86_64.rpm
    jakarta-commons-httpclient-manual-3.1-0.7.el6_3.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):
  Source:
  i386:
    jakarta-commons-httpclient-3.1-0.7.el6_3.i686.rpm
    jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.i686.rpm
  ppc64:
    jakarta-commons-httpclient-3.1-0.7.el6_3.ppc64.rpm
    jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.ppc64.rpm
  s390x:
    jakarta-commons-httpclient-3.1-0.7.el6_3.s390x.rpm
    jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.s390x.rpm
  x86_64:
    jakarta-commons-httpclient-3.1-0.7.el6_3.x86_64.rpm
    jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):
  Source:
  i386:
    jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.i686.rpm
    jakarta-commons-httpclient-demo-3.1-0.7.el6_3.i686.rpm
    jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3.i686.rpm
    jakarta-commons-httpclient-manual-3.1-0.7.el6_3.i686.rpm
  ppc64:
    jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.ppc64.rpm
    jakarta-commons-httpclient-demo-3.1-0.7.el6_3.ppc64.rpm
    jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3.ppc64.rpm
    jakarta-commons-httpclient-manual-3.1-0.7.el6_3.ppc64.rpm
  s390x:
    jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.s390x.rpm
    jakarta-commons-httpclient-demo-3.1-0.7.el6_3.s390x.rpm
    jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3.s390x.rpm
    jakarta-commons-httpclient-manual-3.1-0.7.el6_3.s390x.rpm
  x86_64:
    jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.x86_64.rpm
    jakarta-commons-httpclient-demo-3.1-0.7.el6_3.x86_64.rpm
    jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3.x86_64.rpm
    jakarta-commons-httpclient-manual-3.1-0.7.el6_3.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):
  Source:
  i386:
    jakarta-commons-httpclient-3.1-0.7.el6_3.i686.rpm
    jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.i686.rpm
  x86_64:
    jakarta-commons-httpclient-3.1-0.7.el6_3.x86_64.rpm
    jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):
  Source:
  i386:
    jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.i686.rpm
    jakarta-commons-httpclient-demo-3.1-0.7.el6_3.i686.rpm
    jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3.i686.rpm
    jakarta-commons-httpclient-manual-3.1-0.7.el6_3.i686.rpm
  x86_64:
    jakarta-commons-httpclient-debuginfo-3.1-0.7.el6_3.x86_64.rpm
    jakarta-commons-httpclient-demo-3.1-0.7.el6_3.x86_64.rpm
    jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3.x86_64.rpm
    jakarta-commons-httpclient-manual-3.1-0.7.el6_3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

7. References:

https://access.redhat.com/security/cve/CVE-2012-5783
https://access.redhat.com/security/updates/classification#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2013 Red Hat, Inc.

Recently released updates for jakarta-commons-httpclient are now accessible for Red Hat systems, addressing several moderate security vulnerabilities. Discover more details!

Keywords: jakarta-commons-httpclient, Red Hat Enterprise Linux, SSL Spoofing, Security Update, Advisory
LinuxSecurity.com Team

Feb 19, 2013 | Red Hat