New version 2.4.64 and security fixes.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-f94e6fe0b4
2025-10-16 01:34:27.713863+00:00
--------------------------------------------------------------------------------

Name        : httpd
Product     : Fedora 41
Version     : 2.4.64
Release     : 1.fc41
URL         : https://httpd.apache.org/
Summary     : Apache HTTP Server
Description :
The Apache HTTP Server is a powerful, efficient, and extensible web server.

--------------------------------------------------------------------------------
Update Information:

New version 2.4.64 and security fixes
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jul 11 2025 Luboš Uhliarik - 2.4.64-1
- new version 2.4.64
* Tue Jun 24 2025 Joe Orton - 2.4.63-4
- mod_dav: add dav_get_base_path() API
* Mon Feb 10 2025 Joe Orton - 2.4.63-3
- sync default httpd.conf with upstream
* Sat Feb 1 2025 Björn Esser - 2.4.63-2
- Add explicit BR: libxcrypt-devel
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2379862 - CVE-2024-42516 httpd: incomplete fix for CVE-2023-38709 [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2379862
  [ 2 ] Bug #2379864 - CVE-2024-43204 httpd: SSRF in Apache HTTP Server with mod_proxy loaded [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2379864
  [ 3 ] Bug #2379866 - CVE-2024-47252 httpd: insufficient escaping of user-supplied data in mod_ssl [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2379866
  [ 4 ] Bug #2379868 - CVE-2025-23048 httpd: access control bypass by trusted clients is possible using TLS 1.3 session resumption [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2379868
  [ 5 ] Bug #2382578 - CVE-2025-49812 httpd: HTTP Session Hijack via a TLS upgrade [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2382578
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-f94e6fe0b4' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

New httpd version 2.4.64 for Fedora 41 with critical security fixes outlined. Ensure security compliance promptly.
Apache HTTP Server security update, Fedora package management, critical web server vulnerabilities.
Severity: Critical.
LinuxSecurity.com Team

It was discovered that the fix for CVE-2023-46846 was incomplete. In some cases Squid, a full featured web proxy cache, returned empty responses for URLs when Transfer-Encoding: chunked was in use.

-------------------------------------------------------------------------
Debian LTS Advisory DLA-3709-2

An incomplete fix was discovered in .Net.

==========================================================================
Ubuntu Security Notice USN-6362-2
October 25, 2023

.Net regressions
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.04
- Ubuntu 22.04 LTS

Summary:

An incomplete fix was discovered in .Net.

Software Description:
- dotnet6: dotNET CLI tools and runtime
- dotnet7: dotNET CLI tools and runtime

Details:

USN-6362-1 fixed vulnerabilities in .Net. It was discovered that the fix for [CVE-2023-36799](https://ubuntu.com/security/CVE-2023-36799) was incomplete. This update fixes the problem.

Original advisory details:

 Kevin Jones discovered that .NET did not properly process certain X.509 certificates. An attacker could possibly use this issue to cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 23.04:
  aspnetcore-runtime-6.0          6.0.124-0ubuntu1~23.04.1
  aspnetcore-runtime-7.0          7.0.113-0ubuntu1~23.04.1
  dotnet-host                     6.0.124-0ubuntu1~23.04.1
  dotnet-host-7.0                 7.0.113-0ubuntu1~23.04.1
  dotnet-hostfxr-6.0              6.0.124-0ubuntu1~23.04.1
  dotnet-hostfxr-7.0              7.0.113-0ubuntu1~23.04.1
  dotnet-runtime-6.0              6.0.124-0ubuntu1~23.04.1
  dotnet-runtime-7.0              7.0.113-0ubuntu1~23.04.1
  dotnet-sdk-6.0                  6.0.124-0ubuntu1~23.04.1
  dotnet-sdk-7.0                  7.0.113-0ubuntu1~23.04.1
  dotnet6                         6.0.124-0ubuntu1~23.04.1
  dotnet7                         7.0.113-0ubuntu1~23.04.1

Ubuntu 22.04 LTS:
  aspnetcore-runtime-6.0          6.0.124-0ubuntu1~22.04.1
  aspnetcore-runtime-7.0          7.0.113-0ubuntu1~22.04.1
  dotnet-host                     6.0.124-0ubuntu1~22.04.1
  dotnet-host-7.0                 7.0.113-0ubuntu1~22.04.1
  dotnet-hostfxr-6.0              6.0.124-0ubuntu1~22.04.1
  dotnet-hostfxr-7.0              7.0.113-0ubuntu1~22.04.1
  dotnet-runtime-6.0              6.0.124-0ubuntu1~22.04.1
  dotnet-runtime-7.0              7.0.113-0ubuntu1~22.04.1
  dotnet-sdk-6.0                  6.0.124-0ubuntu1~22.04.1
  dotnet-sdk-7.0                  7.0.113-0ubuntu1~22.04.1
  dotnet6                         6.0.124-0ubuntu1~22.04.1
  dotnet7                         7.0.113-0ubuntu1~22.04.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6362-2
  https://ubuntu.com/security/notices/USN-6362-1
  CVE-2023-36799,
  https://bugs.launchpad.net/ubuntu/+source/dotnet6/+bug/2040207,
  https://bugs.launchpad.net/ubuntu/+source/dotnet7/+bug/2040208

Package Information:
  https://launchpad.net/ubuntu/+source/dotnet6/6.0.124-0ubuntu1~23.04.1
  https://launchpad.net/ubuntu/+source/dotnet7/7.0.113-0ubuntu1~23.04.1
  https://launchpad.net/ubuntu/+source/dotnet6/6.0.124-0ubuntu1~22.04.1
  https://launchpad.net/ubuntu/+source/dotnet7/7.0.113-0ubuntu1~22.04.1

New updates addressing the .Net regression issue on Ubuntu aim to fix vulnerabilities and bolster security against Denial of Service threats for users.
dotNet Runtime, Ubuntu Update, Software Security, Denial of Service, .Net Fix.
Severity: Critical.
LinuxSecurity.com Team

An incomplete fix was discovered in .Net.

==========================================================================
Ubuntu Security Notice USN-6438-2
October 25, 2023

.Net regressions
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.10

Summary:

An incomplete fix was discovered in .Net.

Software Description:
- dotnet6: dotNET CLI tools and runtime
- dotnet7: dotNET CLI tools and runtime

Details:

USN-6438-1 fixed vulnerabilities in .Net. It was discovered that the fix for [CVE-2023-36799](https://ubuntu.com/security/CVE-2023-36799) was incomplete. This update fixes the problem.

Original advisory details:

 Kevin Jones discovered that .NET did not properly process certain X.509 certificates. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-36799)

 It was discovered that the .NET Kestrel web server did not properly handle HTTP/2 requests. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2023-44487)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 23.10:
  aspnetcore-runtime-6.0          6.0.124-0ubuntu1~23.10.1
  aspnetcore-runtime-7.0          7.0.113-0ubuntu1~23.10.1
  dotnet-host                     6.0.124-0ubuntu1~23.10.1
  dotnet-host-7.0                 7.0.113-0ubuntu1~23.10.1
  dotnet-hostfxr-6.0              6.0.124-0ubuntu1~23.10.1
  dotnet-hostfxr-7.0              7.0.113-0ubuntu1~23.10.1
  dotnet-runtime-6.0              6.0.124-0ubuntu1~23.10.1
  dotnet-runtime-7.0              7.0.113-0ubuntu1~23.10.1
  dotnet-sdk-6.0                  6.0.124-0ubuntu1~23.10.1
  dotnet-sdk-7.0                  7.0.113-0ubuntu1~23.10.1
  dotnet6                         6.0.124-0ubuntu1~23.10.1
  dotnet7                         7.0.113-0ubuntu1~23.10.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6438-2
  https://ubuntu.com/security/notices/USN-6438-1
  CVE-2023-36799,
  https://bugs.launchpad.net/ubuntu/+source/dotnet6/+bug/2040207,
  https://bugs.launchpad.net/ubuntu/+source/dotnet7/+bug/2040208

Package Information:
  https://launchpad.net/ubuntu/+source/dotnet6/6.0.124-0ubuntu1~23.10.1
  https://launchpad.net/ubuntu/+source/dotnet7/7.0.113-0ubuntu1~23.10.1

A flaw in .Net's functionality was rectified through Ubuntu Security Notice USN-6438-2, mitigating potential denial of service vulnerabilities.
Dotnet Runtime Issues, Ubuntu Security, Denial Of Service Fix.
Severity: Critical.
LinuxSecurity.com Team

The update of sqlite3 released as DLA-2340-1 contained an incomplete fix for CVE-2019-20218. Updated sqlite3 packages are now available to correct this issue.

-------------------------------------------------------------------------
Debian LTS Advisory DLA-2340-2

unbound: incomplete fix for CVE-2020-12662 in RHEL7 (CVE-2020-10772)

Synopsis:          Important: unbound security update
Advisory ID:       SLSA-2020:2642-1
Issue Date:        2020-06-22
CVE Numbers:       None
--

Security Fix(es):

* unbound: incomplete fix for CVE-2020-12662 in RHEL7 (CVE-2020-10772)
--

SL7
  x86_64
    unbound-1.6.6-5.el7_8.x86_64.rpm
    unbound-debuginfo-1.6.6-5.el7_8.i686.rpm
    unbound-debuginfo-1.6.6-5.el7_8.x86_64.rpm
    unbound-libs-1.6.6-5.el7_8.i686.rpm
    unbound-libs-1.6.6-5.el7_8.x86_64.rpm
    unbound-devel-1.6.6-5.el7_8.i686.rpm
    unbound-devel-1.6.6-5.el7_8.x86_64.rpm
    unbound-python-1.6.6-5.el7_8.x86_64.rpm

- Scientific Linux Development Team

Critical patch released for Scientific Linux SL7.x to remediate lingering issues from prior vulnerabilities.
unbound security, SL7 update, Scientific Linux advisory, unbound fix.
Severity: Important.
LinuxSecurity.com Team