An update that solves one vulnerability can now be installed.

# Security update for tomcat

Announcement ID: SUSE-SU-2026:0922-1
Release Date: 2026-03-18T09:15:06Z
Rating: moderate

References:

* bsc#1258385

Cross-References:

* CVE-2026-24733

CVSS scores:

* CVE-2026-24733 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-24733 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-24733 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-24733 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Affected Products:

* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

## Description:

This update for tomcat fixes the following issues:

* CVE-2026-24733: improper input validation on HTTP/0.9 requests (bsc#1258385)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-922=1

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
  * tomcat-javadoc-9.0.36-3.156.1
  * tomcat-9.0.36-3.156.1
  * tomcat-webapps-9.0.36-3.156.1
  * tomcat-lib-9.0.36-3.156.1
  * tomcat-jsp-2_3-api-9.0.36-3.156.1
  * tomcat-admin-webapps-9.0.36-3.156.1
  * tomcat-servlet-4_0-api-9.0.36-3.156.1
  * tomcat-el-3_0-api-9.0.36-3.156.1
  * tomcat-docs-webapp-9.0.36-3.156.1

## References:

* https://www.suse.com/security/cve/CVE-2026-24733.html
* https://bugzilla.suse.com/show_bug.cgi?id=1258385

Update released for SUSE to fix moderate-level improper input validation issue in tomcat. Apply patch now.

SUSE Linux, Tomcat Update, Input Validation, Security Advisory, System Patch.
. LinuxSecurity.com Team
An update that solves one vulnerability can now be installed.

# Security update for autogen

Announcement ID: SUSE-SU-2026:20590-1
Release Date: 2026-02-26T09:10:10Z
Rating: low

References:

* bsc#1247921

Cross-References:

* CVE-2025-8746

CVSS scores:

* CVE-2025-8746 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-8746 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2025-8746 ( NVD ): 1.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-8746 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-8746 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Enterprise Server 16.0
* SUSE Linux Enterprise Server for SAP Applications 16.0

## Description:

This update for autogen fixes the following issues:

* CVE-2025-8746: Fixed improper input validation and memory bounds checking when processing certain malformed configuration files (bsc#1247921)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 16.0
  zypper in -t patch SUSE-SLES-16.0-312=1
* SUSE Linux Enterprise Server for SAP Applications 16.0
  zypper in -t patch SUSE-SLES-16.0-312=1

## Package List:

* SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64)
  * libopts25-debuginfo-5.18.16-160000.3.1
  * autogen-debugsource-5.18.16-160000.3.1
  * autogen-debuginfo-5.18.16-160000.3.1
  * autogen-5.18.16-160000.3.1
  * libopts25-5.18.16-160000.3.1
  * autoopts-5.18.16-160000.3.1
* SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64)
  * libopts25-debuginfo-5.18.16-160000.3.1
  * autogen-debugsource-5.18.16-160000.3.1
  * autogen-debuginfo-5.18.16-160000.3.1
  * autogen-5.18.16-160000.3.1
  * libopts25-5.18.16-160000.3.1
  * autoopts-5.18.16-160000.3.1

## References:

* https://www.suse.com/security/cve/CVE-2025-8746.html
* https://bugzilla.suse.com/show_bug.cgi?id=1247921

This SUSE advisory addresses a low-severity flaw in autogen due to improper input validation and memory limits.

SUSE, autogen, update.

Severity: Low. LinuxSecurity.com Team
Important:microcode_ctl bug fix and enhancement update. {"type": "TYPE_ENHANCEMENT", "shortCode": "RL", "name": "RLEA-2025:3114", "synopsis": "Important:microcode_ctl bug fix and enhancement update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for microcode_ctl.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The microcode_ctl packages provide microcode updates for Intel and AMD processors.\n\nBug Fix(es) and Enhancement(s):\n\n* [Rocky Linux 8] Update Intel CPU microcode to the latest version (JIRA:Rocky Linux-67344)\n\n* microcode_ctl: Improper input validation in UEFI firmware CseVariableStorageSmm [rhel-8.10.z] (JIRA:Rocky Linux-79195)\n\n* microcode_ctl: Improper input validation in UEFI firmware [rhel-8.10.z] (JIRA:Rocky Linux-79197)\n\n* microcode_ctl: Improper input validation in UEFI firmware [rhel-8.10.z] (JIRA:Rocky Linux-79198)\n\n* microcode_ctl: Improper input validation in XmlCli feature for UEFI firmware [rhel-8.10.z] (JIRA:Rocky Linux-79213)\n\n* microcode_ctl: Improper input validation in UEFI firmware [rhel-8.10.z] (JIRA:Rocky Linux-79216)", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2345359", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2345359", "description": ""}, {"ticket": "2345363", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2345363", "description": ""}, {"ticket": "2345365", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2345365", "description": ""}, {"ticket": "2345367", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2345367", "description": ""}, {"ticket": "2345370", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2345370", "description": ""}, 
{"ticket": "2345376", "sourceBy": "Red Hat","sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2345376", "description": ""}, {"ticket": "2345381", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2345381", "description": ""}, {"ticket": "2345401", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2345401", "description": ""}, {"ticket": "2345416", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2345416", "description": ""}, {"ticket": "2345421", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2345421", "description": ""}], "cves": [{"name": "CVE-2023-34440", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2023-34440", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-20"}, {"name": "CVE-2023-43758", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2023-43758", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "cvss3BaseScore": "8.2", "cwe": "CWE-20"}, {"name": "CVE-2024-24582", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-24582", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-20"}, {"name": "CVE-2024-28047", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-28047", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N", "cvss3BaseScore": "5.3", "cwe": "CWE-20"}, {"name": "CVE-2024-28127", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-28127", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-20"}, {"name": "CVE-2024-29214", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-29214", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", 
"cvss3BaseScore": "7.5", "cwe": "CWE-20"}, {"name": "CVE-2024-31068", "sourceBy": "MITRE","sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-31068", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H", "cvss3BaseScore": "5.3", "cwe": "CWE-1245"}, {"name": "CVE-2024-31157", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-31157", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N", "cvss3BaseScore": "5.3", "cwe": "CWE-665"}, {"name": "CVE-2024-36293", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-36293", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "cvss3BaseScore": "6.5", "cwe": "CWE-284"}, {"name": "CVE-2024-39279", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-39279", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "cvss3BaseScore": "6.5", "cwe": "CWE-1220"}], "references": [], "publishedAt": "2026-02-26T20:42:51.166824Z", "rpms": {"Rocky Linux 8": {"nvras": ["microcode_ctl-4:20250211-1.el8_10.src.rpm", "microcode_ctl-4:20250211-1.el8_10.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Rocky Linux 8 update addresses microcode_ctl issues with important bug fixes and enhancements, including security improvements.. microcode_ctl updates,Rocky Linux enhancements,security fixes,system updates,processor microcode. . Severity: Important. LinuxSecurity.com Team
Multiple vulnerabilities have been fixed in Exempi, an implementation of XMP (Extensible Metadata Platform). CVE-2021-36045 . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4264-1
The newest upstream commit Security fix for CVE-2025-27423.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-6452f3da4b
2025-03-08 01:35:17.955236+00:00
--------------------------------------------------------------------------------

Name        : vim
Product     : Fedora 40
Version     : 9.1.1169
Release     : 1.fc40
URL         : http://www.vim.org/
Summary     : The VIM editor
Description :
VIM (VIsual editor iMproved) is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more.

--------------------------------------------------------------------------------
Update Information:

The newest upstream commit Security fix for CVE-2025-27423
--------------------------------------------------------------------------------
ChangeLog:

* Tue Mar 4 2025 Zdenek Dohnal - 2:9.1.1169-1
- patchlevel 1169
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2349561 - CVE-2025-27423 vim: Improper Input Validation in Vim
        https://bugzilla.redhat.com/show_bug.cgi?id=2349561
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-6452f3da4b' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list
Important: libreoffice security fix update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2024:1514", "synopsis": "Important: libreoffice security fix update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for libreoffice.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.\n\nSecurity Fix(es):\n\n* libreoffice: Improper Input Validation leading to arbitrary gstreamer plugin execution (CVE-2023-6185)\n\n* libreoffice: Insufficient macro permission validation leading to macro execution (CVE-2023-6186)", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2254003", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2254003", "description": ""}, {"ticket": "2254005", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2254005", "description": ""}], "cves": [{"name": "CVE-2023-6185", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2023-6185", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}, {"name": "CVE-2023-6186", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2023-6186", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}], "references": [], "publishedAt": "2024-03-27T04:34:32.999941Z", "rpms": {"Rocky Linux 8": {"nvras": ["autocorr-cs-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-af-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-bg-1:6.4.7.2-16.el8_9.noarch.rpm", 
"autocorr-ca-1:6.4.7.2-16.el8_9.noarch.rpm","autocorr-da-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-de-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-en-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-es-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-fa-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-fi-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-fr-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-ga-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-hr-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-hu-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-is-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-it-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-ja-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-ko-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-lb-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-lt-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-mn-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-nl-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-pl-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-pt-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-ro-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-ru-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-sk-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-sl-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-sr-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-sv-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-tr-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-vi-1:6.4.7.2-16.el8_9.noarch.rpm", "autocorr-zh-1:6.4.7.2-16.el8_9.noarch.rpm", "libreoffice-1:6.4.7.2-16.el8_9.src.rpm", "libreoffice-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-base-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-base-debuginfo-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-calc-1:6.4.7.2-16.el8_9.aarch64.rpm", "libreoffice-calc-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-calc-debuginfo-1:6.4.7.2-16.el8_9.aarch64.rpm", "libreoffice-calc-debuginfo-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-core-1:6.4.7.2-16.el8_9.aarch64.rpm", "libreoffice-core-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-core-debuginfo-1:6.4.7.2-16.el8_9.aarch64.rpm", "libreoffice-core-debuginfo-1:6.4.7.2-16.el8_9.x86_64.rpm", 
"libreoffice-data-1:6.4.7.2-16.el8_9.noarch.rpm","libreoffice-debuginfo-1:6.4.7.2-16.el8_9.aarch64.rpm", "libreoffice-debuginfo-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-debugsource-1:6.4.7.2-16.el8_9.aarch64.rpm", "libreoffice-debugsource-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-draw-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-emailmerge-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-filters-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-gdb-debug-support-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-graphicfilter-1:6.4.7.2-16.el8_9.aarch64.rpm", "libreoffice-graphicfilter-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-graphicfilter-debuginfo-1:6.4.7.2-16.el8_9.aarch64.rpm", "libreoffice-graphicfilter-debuginfo-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-gtk3-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-gtk3-debuginfo-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-ar-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-bg-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-bn-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-ca-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-cs-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-da-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-de-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-dz-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-el-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-en-1:6.4.7.2-16.el8_9.aarch64.rpm", "libreoffice-help-en-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-es-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-et-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-eu-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-fi-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-fr-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-gl-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-gu-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-he-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-hi-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-hr-1:6.4.7.2-16.el8_9.x86_64.rpm", 
"libreoffice-help-hu-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-id-1:6.4.7.2-16.el8_9.x86_64.rpm","libreoffice-help-it-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-ja-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-ko-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-lt-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-lv-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-nb-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-nl-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-nn-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-pl-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-pt-BR-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-pt-PT-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-ro-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-ru-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-si-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-sk-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-sl-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-sv-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-ta-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-tr-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-uk-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-zh-Hans-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-help-zh-Hant-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-impress-1:6.4.7.2-16.el8_9.aarch64.rpm", "libreoffice-impress-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-impress-debuginfo-1:6.4.7.2-16.el8_9.aarch64.rpm", "libreoffice-impress-debuginfo-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreofficekit-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreofficekit-debuginfo-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-af-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-ar-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-as-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-bg-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-bn-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-br-1:6.4.7.2-16.el8_9.x86_64.rpm", 
"libreoffice-langpack-ca-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-cs-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-cy-1:6.4.7.2-16.el8_9.x86_64.rpm","libreoffice-langpack-da-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-de-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-dz-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-el-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-en-1:6.4.7.2-16.el8_9.aarch64.rpm", "libreoffice-langpack-en-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-es-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-et-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-eu-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-fa-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-fi-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-fr-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-ga-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-gl-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-gu-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-he-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-hi-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-hr-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-hu-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-id-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-it-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-ja-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-kk-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-kn-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-ko-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-lt-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-lv-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-mai-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-ml-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-mr-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-nb-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-nl-1:6.4.7.2-16.el8_9.x86_64.rpm", 
"libreoffice-langpack-nn-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-nr-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-nso-1:6.4.7.2-16.el8_9.x86_64.rpm","libreoffice-langpack-or-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-pa-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-pl-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-pt-BR-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-pt-PT-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-ro-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-ru-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-si-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-sk-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-sl-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-sr-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-ss-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-st-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-sv-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-ta-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-te-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-th-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-tn-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-tr-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-ts-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-uk-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-ve-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-xh-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-zh-Hans-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-zh-Hant-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-langpack-zu-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-math-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-ogltrans-1:6.4.7.2-16.el8_9.aarch64.rpm", "libreoffice-ogltrans-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-ogltrans-debuginfo-1:6.4.7.2-16.el8_9.aarch64.rpm", "libreoffice-ogltrans-debuginfo-1:6.4.7.2-16.el8_9.x86_64.rpm", 
"libreoffice-opensymbol-fonts-1:6.4.7.2-16.el8_9.noarch.rpm", "libreoffice-pdfimport-1:6.4.7.2-16.el8_9.aarch64.rpm", "libreoffice-pdfimport-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-pdfimport-debuginfo-1:6.4.7.2-16.el8_9.aarch64.rpm","libreoffice-pdfimport-debuginfo-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-pyuno-1:6.4.7.2-16.el8_9.aarch64.rpm", "libreoffice-pyuno-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-pyuno-debuginfo-1:6.4.7.2-16.el8_9.aarch64.rpm", "libreoffice-pyuno-debuginfo-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-sdk-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-sdk-debuginfo-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-sdk-doc-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-ure-1:6.4.7.2-16.el8_9.aarch64.rpm", "libreoffice-ure-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-ure-common-1:6.4.7.2-16.el8_9.noarch.rpm", "libreoffice-ure-debuginfo-1:6.4.7.2-16.el8_9.aarch64.rpm", "libreoffice-ure-debuginfo-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-wiki-publisher-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-writer-1:6.4.7.2-16.el8_9.aarch64.rpm", "libreoffice-writer-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-writer-debuginfo-1:6.4.7.2-16.el8_9.aarch64.rpm", "libreoffice-writer-debuginfo-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-x11-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-x11-debuginfo-1:6.4.7.2-16.el8_9.x86_64.rpm", "libreoffice-xsltfilter-1:6.4.7.2-16.el8_9.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Patch addressing faulty input checks and macro access settings in LibreOffice on Rocky Linux 8. Significant vulnerabilities resolved.. LibreOffice Fix, Rocky Linux Update, Input Validation Issue, Security Risks, Macro Permission. . Severity: Important. LinuxSecurity.com Team
Radare2 update to version 5.4.0.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-55198e6804
2021-09-29 01:07:46.121249
--------------------------------------------------------------------------------

Name        : iaito
Product     : Fedora 33
Version     : 5.3.1
Release     : 3.fc33
URL         : https://github.com/radareorg/iaito/
Summary     : GUI for radare2 reverse engineering framework
Description :
iaito is a Qt and C++ GUI for radare2. It is the continuation of Cutter before the fork to keep radare2 as backend. Its goal is making an advanced, customizable and FOSS reverse-engineering platform while keeping the user experience at mind. The iaito is created by reverse engineers for reverse engineers. Focus on supporting latest version of radare2. Recommend the use of system installed libraries/radare2. Closer integration between r2 and the UI.

--------------------------------------------------------------------------------
Update Information:

Radare2 update to version 5.4.0
--------------------------------------------------------------------------------
ChangeLog:

* Sat Sep 18 2021 Henrik Nordstrom - 5.3.1-3
- rebuilt with radare2 5.4.0
* Sat Sep 18 2021 Henrik Nordstrom - 5.3.1-2
- rebuilt with radare2 5.4.0
* Wed Jul 21 2021 Henrik Nordstrom - 5.3.1-1
- Update to release 5.3.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1989130 - CVE-2021-3673 radare2: improper input validation can lead to resource exhaustion when reading LE binary
        https://bugzilla.redhat.com/show_bug.cgi?id=1989130
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-55198e6804' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
--
An update for cpio is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================
Red Hat Security Advisory

Synopsis:          Moderate: cpio security update
Advisory ID:       RHSA-2021:1582-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:1582
Issue date:        2021-05-18
CVE Names:         CVE-2019-14866
====================================================================

1. Summary:

An update for cpio is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

The cpio packages provide the GNU cpio utility for creating and extracting archives, or copying files from one place to another.

Security Fix(es):

* cpio: improper input validation when writing tar header fields leads to unexpected tar generation (CVE-2019-14866)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1487673 - cpio does not preserve soft link time
1765511 - CVE-2019-14866 cpio: improper input validation when writing tar header fields leads to unexpected tar generation

6. Package List:

Red Hat Enterprise Linux BaseOS (v. 8):

Source:
cpio-2.12-10.el8.src.rpm

aarch64:
cpio-2.12-10.el8.aarch64.rpm
cpio-debuginfo-2.12-10.el8.aarch64.rpm
cpio-debugsource-2.12-10.el8.aarch64.rpm

ppc64le:
cpio-2.12-10.el8.ppc64le.rpm
cpio-debuginfo-2.12-10.el8.ppc64le.rpm
cpio-debugsource-2.12-10.el8.ppc64le.rpm

s390x:
cpio-2.12-10.el8.s390x.rpm
cpio-debuginfo-2.12-10.el8.s390x.rpm
cpio-debugsource-2.12-10.el8.s390x.rpm

x86_64:
cpio-2.12-10.el8.x86_64.rpm
cpio-debuginfo-2.12-10.el8.x86_64.rpm
cpio-debugsource-2.12-10.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-14866
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
--
RHSA-announce mailing list