Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -3 articles for you...
100
security advisorymoderateSuSESUSE: snpguest Moderate OpenSSL IDNA Fixes CVE-2024-12224 2025:03445-1
* bsc#1242601 * bsc#1243869 Cross-References: * CVE-2024-12224 . # Security update for snpguest Announcement ID: SUSE-SU-2025:03445-1 Release Date: 2025-10-01T13:10:00Z Rating: moderate References: * bsc#1242601 * bsc#1243869 Cross-References: * CVE-2024-12224 * CVE-2025-3416 CVSS scores: * CVE-2024-12224 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-12224 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-12224 ( NVD ): 5.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-3416 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-3416 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-3416 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for snpguest fixes the following issues: * CVE-2024-12224: idna: acceptance of Punycode labels that do not produce any non-ASCII output may lead to incorrect hostname comparisons and incorrect URL parsing (bsc#1243869). * CVE-2025-3416: openssl: use-after-free in `Md::fetch` and `Cipher::fetch` when `Some(...)` value is passed to the `properties` argument (bsc#1242601). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-3445=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-3445=1 openSUSE-SLE-15.6-2025-3445=1 ## Package List: * Server Applications Module 15-SP6 (x86_64) * snpguest-debuginfo-0.3.2-150600.3.6.1 * snpguest-0.3.2-150600.3.6.1 * openSUSE Leap 15.6 (x86_64) * snpguest-debuginfo-0.3.2-150600.3.6.1 * snpguest-0.3.2-150600.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12224.html * https://www.suse.com/security/cve/CVE-2025-3416.html * https://bugzilla.suse.com/show_bug.cgi?id=1242601 * https://bugzilla.suse.com/show_bug.cgi?id=1243869 . A security update for snpguest addresses two significant issues in SUSE with moderate severity. Explore fixes now.. Linux Update, SUSE Security, snpguest Patch, OpenSSL Fix. . LinuxSecurity.com Team
Oct 01, 2025
SuSE
89
security advisoryfedoraupdateFedora 42: keylime-agent-rust Critical Patch CVE-2024-12224
Update to upstream version 0.2.8 Update idna dependency to a version not affected by CVE-2024-12224. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-6c7178c159 2025-08-27 01:22:54.950062+00:00 -------------------------------------------------------------------------------- Name : keylime-agent-rust Product : Fedora 42 Version : 0.2.8 Release : 1.fc42 URL : https://github.com/keylime/rust-keylime/ Summary : Rust agent for Keylime Description : The Keylime agent Requires: keylime-base Requires: keylime-agent-rust-pull -------------------------------------------------------------------------------- Update Information: Update to upstream version 0.2.8 Update idna dependency to a version not affected by CVE-2024-12224 -------------------------------------------------------------------------------- ChangeLog: * Wed Aug 13 2025 Anderson Toshiyuki Sasaki - 0.2.8-1 - Update to upstream version 0.2.8 * Mon Jun 16 2025 Fabio Valentini - 0.2.7-5 - Rebuild for idna crate > = v1.0.0 (CVE-2024-12224) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2370589 - CVE-2024-12224 keylime-agent-rust: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2370589 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-6c7178c159' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Aug 27, 2025
•Critical
Fedora
89
security advisoryfedoracriticalFedora 41: FEDORA-2025-297c7ac7fe critical security updates for mirrorlist
Rebuild applications to apply two recent security updates: build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when decoded) build with crossbeam-channel 0.5.15+ to address CVE-2025-4574 (potential double- free on Drop). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-297c7ac7fe 2025-06-25 01:42:08.365038+00:00 -------------------------------------------------------------------------------- Name : mirrorlist-server Product : Fedora 41 Version : 3.0.7 Release : 7.fc41 URL : https://github.com/adrianreber/mirrorlist-server Summary : Mirrorlist Server Description : The mirrorlist-server uses the data created by MirrorManager2 (https://github.com/fedora-infra/mirrormanager2) to answer client request for the "best" mirror. This implementation of the mirrorlist-server is written in Rust. The original version of the mirrorlist-server was part of the MirrorManager2 repository and it is implemented using Python. While moving from Python2 to Python3 one of the problems was that the data exchange format (Python Pickle) did not support running the MirrorManager2 backend with Python2 and the mirrorlist frontend with Python3. To have a Pickle independent data exchange format protobuf was introduced. The first try to use protobuf in the python mirrorlist implementation required a lot more memory than the Pickle based implementation (3.5GB instead of 1.1GB). That is one of the reasons a new mirrorlist-server implementation was needed. Another reason to rewrite the mirrorlist-server is its architecture. The Python based version requires the Apache HTTP server or something that can run the included wsgi. The wsgi talks over a socket to the actual mirrorlist-server. In Fedora's MirrorManager2 instance this runs in a container which runs behind HAProxy. This implementation in Rust directly uses a HTTP library to reduce the number ofinvolved components. In addition to being simpler this implementation also requires less memory than the Python version. -------------------------------------------------------------------------------- Update Information: Rebuild applications to apply two recent security updates: build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when decoded) build with crossbeam-channel 0.5.15+ to address CVE-2025-4574 (potential double- free on Drop) -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 16 2025 Fabio Valentini - 3.0.7-7 - Rebuild for idna crate > = v1.0.0 (CVE-2024-12224) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2366525 - CVE-2025-4574 atuin: crossbeam-channel Vulnerable to Double Free on Drop [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2366525 [ 2 ] Bug #2366527 - CVE-2025-4574 awatcher: crossbeam-channel Vulnerable to Double Free on Drop [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2366527 [ 3 ] Bug #2370559 - CVE-2024-12224 atuin: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2370559 [ 4 ] Bug #2370561 - CVE-2024-12224 awatcher: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2370561 [ 5 ] Bug #2370566 - CVE-2024-12224 gotify-desktop: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2370566 [ 6 ] Bug #2370568 - CVE-2024-12224 keylime-agent-rust: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2370568 [ 7 ] Bug #2370570 - CVE-2024-12224 mirrorlist-server: idna accepts Punycode labelsthat do not produce any non-ASCII when decoded [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2370570 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-297c7ac7fe' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Jun 25, 2025
•Critical
Fedora
89
security advisoryfedoracriticalFedora 41: FEDORA-2025-297c7ac7fe critical: awatcher double-free and idna
Rebuild applications to apply two recent security updates: build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when decoded) build with crossbeam-channel 0.5.15+ to address CVE-2025-4574 (potential double- free on Drop). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-297c7ac7fe 2025-06-25 01:42:08.365038+00:00 -------------------------------------------------------------------------------- Name : awatcher Product : Fedora 41 Version : 0.3.1 Release : 2.fc41 URL : https://github.com/2e3s/awatcher Summary : A window activity and idle watcher Description : A window activity and idle watcher. -------------------------------------------------------------------------------- Update Information: Rebuild applications to apply two recent security updates: build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when decoded) build with crossbeam-channel 0.5.15+ to address CVE-2025-4574 (potential double- free on Drop) -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 16 2025 Fabio Valentini - 0.3.1-2 - Rebuild for idna crate > = v1.0.0 (CVE-2024-12224) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2366525 - CVE-2025-4574 atuin: crossbeam-channel Vulnerable to Double Free on Drop [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2366525 [ 2 ] Bug #2366527 - CVE-2025-4574 awatcher: crossbeam-channel Vulnerable to Double Free on Drop [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2366527 [ 3 ] Bug #2370559 - CVE-2024-12224 atuin: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2370559 [ 4 ] Bug #2370561 - CVE-2024-12224awatcher: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2370561 [ 5 ] Bug #2370566 - CVE-2024-12224 gotify-desktop: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2370566 [ 6 ] Bug #2370568 - CVE-2024-12224 keylime-agent-rust: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2370568 [ 7 ] Bug #2370570 - CVE-2024-12224 mirrorlist-server: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2370570 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-297c7ac7fe' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Jun 25, 2025
•Critical
Fedora
89
security advisoryfedoraupdateFedora 42: FEDORA-2025-8a18a5a077 critical: gotify-desktop update
Rebuild applications to apply two recent security updates: build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when decoded) build with crossbeam-channel 0.5.15+ to address CVE-2025-4574 (potential double- free on Drop). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-8a18a5a077 2025-06-25 01:17:21.616266+00:00 -------------------------------------------------------------------------------- Name : gotify-desktop Product : Fedora 42 Version : 1.3.7 Release : 5.fc42 URL : https://github.com/desbma/gotify-desktop Summary : Small Gotify daemon to receive and forward messages Description : Small Gotify daemon to receive messages and forward them as desktop notifications. Read Gotify messages, and forward them as standard desktop notification. Forward message priority. Auto reconnect if server connection is lost and get missed messages. Automatically download, cache, and show app icons. -------------------------------------------------------------------------------- Update Information: Rebuild applications to apply two recent security updates: build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when decoded) build with crossbeam-channel 0.5.15+ to address CVE-2025-4574 (potential double- free on Drop) -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 16 2025 Fabio Valentini - 1.3.7-5 - Rebuild for idna crate > = v1.0.0 (CVE-2024-12224) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2366549 - CVE-2025-4574 atuin: crossbeam-channel Vulnerable to Double Free on Drop [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2366549 [ 2 ] Bug #2366551 - CVE-2025-4574 awatcher: crossbeam-channel Vulnerable to Double Free on Drop [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2366551 [ 3 ] Bug #2370578 - CVE-2024-12224 atuin: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2370578 [ 4 ] Bug #2370580 - CVE-2024-12224 awatcher: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2370580 [ 5 ] Bug #2370586 - CVE-2024-12224 gotify-desktop: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2370586 [ 6 ] Bug #2370591 - CVE-2024-12224 mirrorlist-server: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2370591 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-8a18a5a077' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Jun 25, 2025
•Critical
Fedora
89
security advisoryfedoraimportantFedora 42: FEDORA-2025-8a18a5a077 important: awatcher security updates
Rebuild applications to apply two recent security updates: build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when decoded) build with crossbeam-channel 0.5.15+ to address CVE-2025-4574 (potential double- free on Drop). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-8a18a5a077 2025-06-25 01:17:21.616266+00:00 -------------------------------------------------------------------------------- Name : awatcher Product : Fedora 42 Version : 0.3.1 Release : 2.fc42 URL : https://github.com/2e3s/awatcher Summary : A window activity and idle watcher Description : A window activity and idle watcher. -------------------------------------------------------------------------------- Update Information: Rebuild applications to apply two recent security updates: build with idna 1.0.0+ to address CVE-2024-12224 (idna accepts Punycode labels that do not produce any non-ASCII when decoded) build with crossbeam-channel 0.5.15+ to address CVE-2025-4574 (potential double- free on Drop) -------------------------------------------------------------------------------- ChangeLog: * Mon Jun 16 2025 Fabio Valentini - 0.3.1-2 - Rebuild for idna crate > = v1.0.0 (CVE-2024-12224) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2366549 - CVE-2025-4574 atuin: crossbeam-channel Vulnerable to Double Free on Drop [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2366549 [ 2 ] Bug #2366551 - CVE-2025-4574 awatcher: crossbeam-channel Vulnerable to Double Free on Drop [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2366551 [ 3 ] Bug #2370578 - CVE-2024-12224 atuin: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2370578 [ 4 ] Bug #2370580 - CVE-2024-12224awatcher: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2370580 [ 5 ] Bug #2370586 - CVE-2024-12224 gotify-desktop: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2370586 [ 6 ] Bug #2370591 - CVE-2024-12224 mirrorlist-server: idna accepts Punycode labels that do not produce any non-ASCII when decoded [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2370591 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-8a18a5a077' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Jun 25, 2025
•Important
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!