Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 488
Alerts This Week
Warning Icon 1 488

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 40 articles for you...
87

Debian gsasl Critical Memory Exposure Resolution DSA-6348-1

It was discovered that missing input sanitising in the NTLM client of the GNU SASL library could result in memory disclosure For the stable distribution (trixie), this problem has been fixed in version 2.2.2-1.1+deb13u2. We recommend that you upgrade your gsasl packages.. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6348-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff June 16, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : gsasl CVE ID : not yet available It was discovered that missing input sanitising in the NTLM client of the GNU SASL library could result in memory disclosure For the stable distribution (trixie), this problem has been fixed in version 2.2.2-1.1+deb13u2. We recommend that you upgrade your gsasl packages. For the detailed security status of gsasl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/gsasl Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Upgrade to Debian gsasl 2.2.2-1.1+deb13u2 to fix NTLM client memory disclosure issue caused by missing input sanitizing.. Debian Security Advisory, gsasl Memory Disclosure, GNU SASL Upgrade, Debian Advisory DSA-6348-1, Input Sanitizing Fix. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 16, 2026 Important Debian
87

Debian Trixie jpeg-xl Important Denial of Service CVE-2025-70103 DSA-6342-1

It was discovered that missing input sanitising in the PNM/PBM parser of the reference code implementation of the JPEG XL format could result in denial of service or potentially the execution of arbitrary code if malformed images are processed. For the stable distribution (trixie), this problem has been fixed in. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6342-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff June 12, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : jpeg-xl CVE ID : CVE-2025-70103 It was discovered that missing input sanitising in the PNM/PBM parser of the reference code implementation of the JPEG XL format could result in denial of service or potentially the execution of arbitrary code if malformed images are processed. For the stable distribution (trixie), this problem has been fixed in version 0.11.2-0.1~deb13u2. We recommend that you upgrade your jpeg-xl packages. For the detailed security status of jpeg-xl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/jpeg-xl Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Denial of service risk found in jpeg-xl PNM/PBM parser requires urgent update for Debian Trixie users.. jpeg-xl security update, Debian advisory June 2026, jpeg-xl denial of service, important Linux security fix. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 12, 2026 Important Debian
87

Debian DSA-6271-1 gsasl Critical Denial of Service Vulnerability Fix

It was discovered that missing input sanitising in the DIGEST-MD5 parser of the GNU SASL library could result in denial of service. For the oldstable distribution (bookworm), this problem has been fixed in version 2.2.0-1+deb12u1. For the stable distribution (trixie), this problem has been fixed in. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6271-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff May 14, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : gsasl CVE ID : not yet available It was discovered that missing input sanitising in the DIGEST-MD5 parser of the GNU SASL library could result in denial of service. For the oldstable distribution (bookworm), this problem has been fixed in version 2.2.0-1+deb12u1. For the stable distribution (trixie), this problem has been fixed in version 2.2.2-1.1+deb13u1. We recommend that you upgrade your gsasl packages. For the detailed security status of gsasl please refer to its security tracker page at: https://security-tracker.debian.org/tracker/gsasl Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Denial of service risks due to input sanitizing issues in GNU SASL library gsasl fixed in Debian DSA-6271-1.. Debian Security Advisory, gsasl security fix, denial of service, GNU SASL library, input sanitizing. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 May 14, 2026 Critical Debian
87

Debian Trixie pillow Important DoS Risk DSA-6219-1 CVE-2026-40192

It was discovered that missing input sanitising in the FITS support of Pillow, a Python imaging library, could result in denial of service. The oldstable distribution (bookworm) is not affected. For the stable distribution (trixie), this problem has been fixed in version 11.1.0-5+deb13u2.. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6219-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff April 19, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : pillow CVE ID : CVE-2026-40192 It was discovered that missing input sanitising in the FITS support of Pillow, a Python imaging library, could result in denial of service. The oldstable distribution (bookworm) is not affected. For the stable distribution (trixie), this problem has been fixed in version 11.1.0-5+deb13u2. We recommend that you upgrade your pillow packages. For the detailed security status of pillow please refer to its security tracker page at: https://security-tracker.debian.org/tracker/pillow Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Pillow library faces Denial of Service risk due to input sanitizing issue. Update recommended for stable distribution.. pillow library, debian security, input sanitizing, denial of service, security advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Apr 19, 2026 Important Debian
87

Debian 11 DSA-5571-1: RabbitMQ Server Denial of Service Threat

It was discovered that missing input sanitising in the HTTP API endpoint of RabbitMQ, an implementation of the AMQP protocol, could result in denial of service. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5571-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff December 01, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : rabbitmq-server CVE ID : CVE-2023-46118 It was discovered that missing input sanitising in the HTTP API endpoint of RabbitMQ, an implementation of the AMQP protocol, could result in denial of service. For the oldstable distribution (bullseye), this problem has been fixed in version 3.8.9-3+deb11u1. For the stable distribution (bookworm), this problem has been fixed in version 3.10.8-1.1+deb12u1. We recommend that you upgrade your rabbitmq-server packages. For the detailed security status of rabbitmq-server please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/rabbitmq-server Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Alert: RabbitMQ vulnerability detected, posing risks for input verification and potential downtime. Immediate action is recommended.. RabbitMQ Security Update, Debian DSA-5571-1, AMQP Protocol Fix. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Dec 01, 2023 Important Debian
197

Debian: DLA-3416-1 Critical: Emacs Input Sanitizing Risk

Xi Lu discovered that missing input sanitizing in Emacs could result in the execution of arbitrary shell commands. For Debian 10 buster, these problems have been fixed in version . -------------------------------------------------------------------------Debian LTS Advisory DLA-3416-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Markus Koschany May 10, 2023 https://wiki.debian.org/LTS -------------------------------------------------------------------------Package : emacs Version : 1:26.1+1-3.2+deb10u4 CVE ID : CVE-2022-48337 CVE-2022-48339 CVE-2023-28617 Debian Bug : 1031730 1033342 Xi Lu discovered that missing input sanitizing in Emacs could result in the execution of arbitrary shell commands. For Debian 10 buster, these problems have been fixed in version 1:26.1+1-3.2+deb10u4. We recommend that you upgrade your emacs packages. For the detailed security status of emacs please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/emacs Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . The Debian LTS Advisory DLA-3416-1 addresses security flaws in Emacs resulting from insufficient input validation.. Emacs Security, Debian LTS Updates, Input Sanitizing, Security Advisories. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 May 09, 2023 Critical Debian LTS
87

Debian: DSA-5338-1 Moderate: Cinder Information Disclosure Risk

Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou discovered that missing input sanitising in the handling of VMDK images in Cinder, the OpenStack block storage system, may result in information disclosure. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5338-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff February 01, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : cinder CVE ID : CVE-2022-47951 Debian Bug : 1029562 Guillaume Espanel, Pierre Libeau, Arnaud Morin and Damien Rannou discovered that missing input sanitising in the handling of VMDK images in Cinder, the OpenStack block storage system, may result in information disclosure. For the stable distribution (bullseye), this problem has been fixed in version 2:17.0.1-1+deb11u1. We recommend that you upgrade your cinder packages. For the detailed security status of cinder please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/cinder Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . The Debian security announcement underscores a significant vulnerability in Cinder's handling of VMDK files, leading to potential data breaches.. Debian Security, Cinder Security Update, OpenStack Information Disclosure. . LinuxSecurity.com Team

Calendar%202 Feb 01, 2023 Debian
87

Debian: DSA-4715-1 Urgent Imagemagick Security Patch for DoS Issues

This update fixes multiple vulnerabilities in Imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or potentially the execution of arbitrary code if malformed image files are processed. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4715-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff July 02, 2020 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : imagemagick CVE ID : CVE-2019-13300 CVE-2019-13304 CVE-2019-13306 CVE-2019-13307 CVE-2019-15140 CVE-2019-19948 This update fixes multiple vulnerabilities in Imagemagick: Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or potentially the execution of arbitrary code if malformed image files are processed. For the oldstable distribution (stretch), these problems have been fixed in version 8:6.9.7.4+dfsg-11+deb9u8. We recommend that you upgrade your imagemagick packages. For the detailed security status of imagemagick please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/imagemagick Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . The recent Ubuntu security report USN-4715-1 highlights several issues found in OpenSSL, encompassing severe threats.. Imagemagick Update, Debian Security, Memory Handling Issues, Code Execution Risks. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 02, 2020 Critical Debian
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200