
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Fedora 33: 2021-7458e2d835 High: Httpd Critical Vulnerability Exploit

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-7458e2d835
2021-03-03 23:15:16.431618
--------------------------------------------------------------------------------

Name        : pki-core
Product     : Fedora 33
Version     : 10.10.5
Release     : 1.fc33
URL         : https://www.dogtagpki.org
Summary     : Dogtag PKI Core Package
Description :
Dogtag PKI is an enterprise software system designed to manage enterprise Public Key Infrastructure deployments.

PKI consists of the following components:

* Automatic Certificate Management Environment (ACME) Responder
* Certificate Authority (CA)
* Key Recovery Authority (KRA)
* Online Certificate Status Protocol (OCSP) Manager
* Token Key Service (TKS)
* Token Processing Service (TPS)

--------------------------------------------------------------------------------
Update Information:

- 389-ds fixes an information disclosure during unsuccessful LDAP BIND operation, CVE-2020-35518
- Dogtag PKI adopted to work with 389-ds with the fix
- FreeIPA rebuilt to require new Dogtag and 389-ds versions

--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 25 2021 Alexander Scheel - 10.10.5-1
- Update to latest stable release 10.10.5
  Resolves: rh-bz#1929940

--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1908653 - CVE-2020-35518 389-ds-base: information disclosure during the binding of a DN [fedora-all]
      https://bugzilla.redhat.com/show_bug.cgi?id=1908653

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-7458e2d835' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/

--------------------------------------------------------------------------------

A recent update to Fedora pki-core resolves an information leakage issue related to LDAP operations. Details regarding the latest versions and installation instructions are included.

LinuxSecurity.com Team

Mar 03, 2021 Fedora

Red Hat 6/7: RHSA-2016-1420-01 Important: Remote Attack in httpd24

====================================================================
Red Hat Security Advisory

Synopsis:     Important: httpd24-httpd security update
Advisory ID:  RHSA-2016:1420-01
Product:      Red Hat Software Collections
Advisory URL: https://access.redhat.com/errata/RHSA-2016:1420
Issue date:   2016-07-18
CVE Names:    CVE-2016-4979 CVE-2016-5387
====================================================================

1. Summary:

An update for httpd24-httpd is now available for Red Hat Software Collections.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - noarch, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6) - noarch, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - noarch, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1) - noarch, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2) - noarch, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - noarch, x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64

3. Description:

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

Security Fix(es):

* It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-5387)

Note: After this update, httpd will no longer pass the value of the Proxy request header to scripts via the HTTP_PROXY environment variable.

* A flaw was found in the way httpd performed client authentication using X.509 client certificates. When the HTTP/2 protocol was enabled, a remote attacker could use this flaw to access resources protected by certificate authentication without providing a valid client certificate. (CVE-2016-4979)

Red Hat would like to thank Scott Geary (VendHQ) for reporting CVE-2016-5387 and Apache Software Foundation for reporting CVE-2016-4979. Upstream acknowledges Erki Aring (Liewenthal Electronics Ltd) as the original reporter of CVE-2016-4979.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, the httpd daemon will be restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1352476 - CVE-2016-4979 httpd: X509 client certificate authentication bypass using HTTP/2
1353755 - CVE-2016-5387 Apache HTTPD: sets environmental variable based on user supplied Proxy request header

6. Package List:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6):

Source:
httpd24-httpd-2.4.18-11.el6.src.rpm

noarch:
httpd24-httpd-manual-2.4.18-11.el6.noarch.rpm

x86_64:
httpd24-httpd-2.4.18-11.el6.x86_64.rpm
httpd24-httpd-debuginfo-2.4.18-11.el6.x86_64.rpm
httpd24-httpd-devel-2.4.18-11.el6.x86_64.rpm
httpd24-httpd-tools-2.4.18-11.el6.x86_64.rpm
httpd24-mod_ldap-2.4.18-11.el6.x86_64.rpm
httpd24-mod_proxy_html-2.4.18-11.el6.x86_64.rpm
httpd24-mod_session-2.4.18-11.el6.x86_64.rpm
httpd24-mod_ssl-2.4.18-11.el6.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6):

Source:
httpd24-httpd-2.4.18-11.el6.src.rpm

noarch:
httpd24-httpd-manual-2.4.18-11.el6.noarch.rpm

x86_64:
httpd24-httpd-2.4.18-11.el6.x86_64.rpm
httpd24-httpd-debuginfo-2.4.18-11.el6.x86_64.rpm
httpd24-httpd-devel-2.4.18-11.el6.x86_64.rpm
httpd24-httpd-tools-2.4.18-11.el6.x86_64.rpm
httpd24-mod_ldap-2.4.18-11.el6.x86_64.rpm
httpd24-mod_proxy_html-2.4.18-11.el6.x86_64.rpm
httpd24-mod_session-2.4.18-11.el6.x86_64.rpm
httpd24-mod_ssl-2.4.18-11.el6.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7):

Source:
httpd24-httpd-2.4.18-11.el6.src.rpm

noarch:
httpd24-httpd-manual-2.4.18-11.el6.noarch.rpm

x86_64:
httpd24-httpd-2.4.18-11.el6.x86_64.rpm
httpd24-httpd-debuginfo-2.4.18-11.el6.x86_64.rpm
httpd24-httpd-devel-2.4.18-11.el6.x86_64.rpm
httpd24-httpd-tools-2.4.18-11.el6.x86_64.rpm
httpd24-mod_ldap-2.4.18-11.el6.x86_64.rpm
httpd24-mod_proxy_html-2.4.18-11.el6.x86_64.rpm
httpd24-mod_session-2.4.18-11.el6.x86_64.rpm
httpd24-mod_ssl-2.4.18-11.el6.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6):

Source:
httpd24-httpd-2.4.18-11.el6.src.rpm

noarch:
httpd24-httpd-manual-2.4.18-11.el6.noarch.rpm

x86_64:
httpd24-httpd-2.4.18-11.el6.x86_64.rpm
httpd24-httpd-debuginfo-2.4.18-11.el6.x86_64.rpm
httpd24-httpd-devel-2.4.18-11.el6.x86_64.rpm
httpd24-httpd-tools-2.4.18-11.el6.x86_64.rpm
httpd24-mod_ldap-2.4.18-11.el6.x86_64.rpm
httpd24-mod_proxy_html-2.4.18-11.el6.x86_64.rpm
httpd24-mod_session-2.4.18-11.el6.x86_64.rpm
httpd24-mod_ssl-2.4.18-11.el6.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):

Source:
httpd24-httpd-2.4.18-11.el7.src.rpm

noarch:
httpd24-httpd-manual-2.4.18-11.el7.noarch.rpm

x86_64:
httpd24-httpd-2.4.18-11.el7.x86_64.rpm
httpd24-httpd-debuginfo-2.4.18-11.el7.x86_64.rpm
httpd24-httpd-devel-2.4.18-11.el7.x86_64.rpm
httpd24-httpd-tools-2.4.18-11.el7.x86_64.rpm
httpd24-mod_ldap-2.4.18-11.el7.x86_64.rpm
httpd24-mod_proxy_html-2.4.18-11.el7.x86_64.rpm
httpd24-mod_session-2.4.18-11.el7.x86_64.rpm
httpd24-mod_ssl-2.4.18-11.el7.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1):

Source:
httpd24-httpd-2.4.18-11.el7.src.rpm

noarch:
httpd24-httpd-manual-2.4.18-11.el7.noarch.rpm

x86_64:
httpd24-httpd-2.4.18-11.el7.x86_64.rpm
httpd24-httpd-debuginfo-2.4.18-11.el7.x86_64.rpm
httpd24-httpd-devel-2.4.18-11.el7.x86_64.rpm
httpd24-httpd-tools-2.4.18-11.el7.x86_64.rpm
httpd24-mod_ldap-2.4.18-11.el7.x86_64.rpm
httpd24-mod_proxy_html-2.4.18-11.el7.x86_64.rpm
httpd24-mod_session-2.4.18-11.el7.x86_64.rpm
httpd24-mod_ssl-2.4.18-11.el7.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2):

Source:
httpd24-httpd-2.4.18-11.el7.src.rpm

noarch:
httpd24-httpd-manual-2.4.18-11.el7.noarch.rpm

x86_64:
httpd24-httpd-2.4.18-11.el7.x86_64.rpm
httpd24-httpd-debuginfo-2.4.18-11.el7.x86_64.rpm
httpd24-httpd-devel-2.4.18-11.el7.x86_64.rpm
httpd24-httpd-tools-2.4.18-11.el7.x86_64.rpm
httpd24-mod_ldap-2.4.18-11.el7.x86_64.rpm
httpd24-mod_proxy_html-2.4.18-11.el7.x86_64.rpm
httpd24-mod_session-2.4.18-11.el7.x86_64.rpm
httpd24-mod_ssl-2.4.18-11.el7.x86_64.rpm

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):

Source:
httpd24-httpd-2.4.18-11.el7.src.rpm

noarch:
httpd24-httpd-manual-2.4.18-11.el7.noarch.rpm

x86_64:
httpd24-httpd-2.4.18-11.el7.x86_64.rpm
httpd24-httpd-debuginfo-2.4.18-11.el7.x86_64.rpm
httpd24-httpd-devel-2.4.18-11.el7.x86_64.rpm
httpd24-httpd-tools-2.4.18-11.el7.x86_64.rpm
httpd24-mod_ldap-2.4.18-11.el7.x86_64.rpm
httpd24-mod_proxy_html-2.4.18-11.el7.x86_64.rpm
httpd24-mod_session-2.4.18-11.el7.x86_64.rpm
httpd24-mod_ssl-2.4.18-11.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2016-4979
https://access.redhat.com/security/cve/CVE-2016-5387
https://access.redhat.com/security/updates/classification#important
https://access.redhat.com/security/vulnerabilities/httpoxy
https://access.redhat.com/solutions/2435501

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2016 Red Hat, Inc.

Vital announcement for Red Hat Software Collections tackles significant vulnerabilities found in httpd24-httpd server applications.

Severity: Important.

LinuxSecurity.com Team

Jul 18, 2016 Important Red Hat