Alerts This Week
Warning Icon 1 525
Alerts This Week
Warning Icon 1 525

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Calendar White Jun 02, 2026
Important
Oracle Large Esm H800
Oracle

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Calendar White Jun 02, 2026
moderate
Oracle Large Esm H900
Oracle

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Calendar White Jun 03, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Calendar White Jun 03, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -4 articles for you...
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisorygentoosymlink attack

Gentoo: GLSA-202310-34 Moderate: Filezilla RCE Security Flaw Announced

An insecure temporary file usage has been reported in TkMan, allowing for symlink attacks.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200909-07 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: TkMan: Insecure temporary file usage Date: September 09, 2009 Bugs: #247540 ID: 200909-07 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= An insecure temporary file usage has been reported in TkMan, allowing for symlink attacks. Background ========= TkMan is a graphical, hypertext manual page and Texinfo browser for UNIX. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-text/tkman < 2.2-r1 > = 2.2-r1 Description ========== Dmitry E. Oboukhov reported that TkMan does not handle the "/tmp/tkman#####" and "/tmp/ll" temporary files securely. Impact ===== A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application. Workaround ========= There is no known workaround at this time. Resolution ========= All TkMan users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose =app-text/tkman-2.2-r1 References ========= [ 1 ] CVE-2008-5137 https://www.cve.org/CVERecord?id=CVE-2008-5137 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/200909-07 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuringthe confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2009 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . Gentoo Linux Advisory GLSA 202203-11 highlights a vulnerability in OpenSSH that poses a medium severity risk; updates recommended.. Gentoo Advisory, TkMan Security, Symlink Risks, Temporary File Issues. . LinuxSecurity.com Team

Calendar 2 Sep 09, 2009 Gentoo
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisorygentoosymlink attack

Gentoo: 200809-08 Moderate: Amarok Symlink Attack Risk Report

Amarok uses temporary files in an insecure manner, allowing for a symlink attack.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200809-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Amarok: Insecure temporary file creation Date: September 08, 2008 Bugs: #234689 ID: 200809-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Amarok uses temporary files in an insecure manner, allowing for a symlink attack. Background ========= Amarok is an advanced music player. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 media-sound/amarok < 1.4.10 > = 1.4.10 Description ========== Dwayne Litzenberger reported that the MagnatuneBrowser::listDownloadComplete() function in magnatunebrowser/magnatunebrowser.cpp uses the album_info.xml temporary file in an insecure manner. Impact ===== A local attacker could perform a symlink attack to overwrite arbitrary files on the system with the privileges of the user running the application. Workaround ========= There is no known workaround at this time. Resolution ========= All Amarok users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =media-sound/amarok-1.4.10" References ========= [ 1 ] CVE-2008-3699 https://www.cve.org/CVERecord?id=CVE-2008-3699 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/200809-08 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org/. License ====== Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . Enhance Amarok to mitigate symlink threat vulnerabilities stemming from inadequate temporary file management. Discover additional details today!. Amarok Symlink Attack, Insecure File Handling, Gentoo Security Advisory. . LinuxSecurity.com Team

Calendar 2 Sep 08, 2008 Gentoo
Banner 1 1028x280 1708121660 1771599717
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorysecurity issuedebian

Debian: DSA-1492-1 Moderate: WML Local Denial of Service

Frank Lichtenheld and Nico Golde discovered that WML, an off-line HTML generation toolkit, creates insecure temporary files in the eperl and ipp backends and in the wmg.cgi script, which could lead to local denial of service by overwriting files.. - ------------------------------------------------------------------------Debian Security Advisory DSA-1492-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Moritz Muehlenhoff February 10, 2008 http://www.debian.org/security/faq - ------------------------------------------------------------------------Package : wml Vulnerability : insecure temporary files Problem type : local Debian-specific: no CVE Id(s) : CVE-2008-0665 CVE-2008-0666 Debian Bug : 463907 Frank Lichtenheld and Nico Golde discovered that WML, an off-line HTML generation toolkit, creates insecure temporary files in the eperl and ipp backends and in the wmg.cgi script, which could lead to local denial of service by overwriting files. For the stable distribution (etch), these problems have been fixed in version 2.0.11-1etch1. The old stable distribution (sarge) is not affected. We recommend that you upgrade your wml packages. Upgrade instructions - --------------------wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian 4.0 (stable) - -------------------Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: Size/MD5 checksum: 656 3c12d2b00552d3db815957c01c73b2cf Size/MD5 checksum: 3115230a26feebf4e59e9a6940f54c69dde05b5 Size/MD5 checksum: 24577 3242a88ced8598120cf6aba2bf9f69c4 alpha architecture (DEC Alpha) Size/MD5 checksum: 453998 29f9f2cffcd5becc205ba36a988a216f amd64 architecture (AMD x86_64 (AMD64)) Size/MD5 checksum: 452700 88033d2e3347e9b94061826b7856cdb0 hppa architecture (HP PA RISC) Size/MD5 checksum: 454656 5dd770e936b54880605d9d8c5c639d10 i386 architecture (Intel ia32) Size/MD5 checksum: 451672 be10fe25928ce83aadf119d98eb5cd43 ia64 architecture (Intel ia64) Size/MD5 checksum: 458406 c153522ee017b612f57a40b2e87787cb mips architecture (MIPS (Big Endian)) Size/MD5 checksum: 450848 8dc62d7f99bf8a7e55b4ebf825cc8500 mipsel architecture (MIPS (Little Endian)) Size/MD5 checksum: 449418 32d7a95ff9c4a184fe7f23f1e8a1cea3 powerpc architecture (PowerPC) Size/MD5 checksum: 452594 65e04ee9b968599ec772c95c7c24ee41 s390 architecture (IBM S/390) Size/MD5 checksum: 451058 dbbcea5a32cdcd5e6a0407665270fdd6 sparc architecture (Sun SPARC/UltraSPARC) Size/MD5 checksum: 450772 297e44c330a2acc9c4829b46f53f1004 These files will probably be moved into the stable distribution on its next update. - ---------------------------------------------------------------------------------For apt-get: deb https://www.debian.org/security/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian Security Advisory DSA-1492-1 http://www.debian.org/security/ Moritz Muehlenhoff February 10, . frank, lichtenheld, golde, off-line, generation, toolkit, creates. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Feb 10, 2008 Important Debian
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydebianfile handling

Debian 3.0 & 3.1 DSA-960-3 Critical: File Handling Issue

Updated package.. - --------------------------------------------------------------------------Debian Security Advisory DSA 960-3 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Martin Schulze March 20th, 2006 http://www.debian.org/security/faq - --------------------------------------------------------------------------Package : libmail-audit-perl Vulnerability : insecure temporay file createion Problem type : local Debian-specific: no CVE ID : CVE-2005-4536 Debian Bug : 344029 The former update caused temporary files to be created in the current working directory due to a wrong function argument. This update will create temporary files in the users home directory if HOME is set or in the common temporary directory otherwise, usually /tmp. For completeness below is a copy of the original advisory text: Niko Tyni discovered that the Mail::Audit module, a Perl library for creating simple mail filters, logs to a temporary file with a predictable filename in an insecure fashion when logging is turned on, which is not the case by default. For the old stable distribution (woody) these problems have been fixed in version 2.0-4woody3. For the stable distribution (sarge) these problems have been fixed in version 2.1-5sarge4. For the unstable distribution (sid) these problems have been fixed in version 2.1-5.1. We recommend that you upgrade your libmail-audit-perl package. Upgrade Instructions - --------------------wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 aliaswoody - -------------------------------- Source archives: Size/MD5 checksum: 665 62b652343a832093ba685dd9d3b18ab8 Size/MD5 checksum: 6129 0b41c98f1bb290f6603aeb93729d3a30 Size/MD5 checksum: 12526 3bc6043611f0fabdd856498e25bd48f6 Architecture independent components: Size/MD5 checksum: 29620 444067ca6bd1319996aab95fa9390de0 Size/MD5 checksum: 8952 c984bed8ff43153a00a9f4b63069d2d7 Debian GNU/Linux 3.1 alias sarge - -------------------------------- Source archives: Size/MD5 checksum: 788 f313503b8ffc6df1cbd903666ca8a6fc Size/MD5 checksum: 4919 a3cff1ec8634add1753db93a6dccc402 Size/MD5 checksum: 21669 b52b1142fa9ed7d847c531186f913ea6 Architecture independent components: Size/MD5 checksum: 42056 dd9859e1298376d1bde353fb33af4e72 Size/MD5 checksum: 12306 96515c877e6155fc4836d1b19674b28a These files will probably be moved into the stable distribution on its next update. - ---------------------------------------------------------------------------------For apt-get: deb https://www.debian.org/security/ stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . The advisory from Debian highlights vulnerabilities in libmail-audit-perl related to improper file management, urging users to upgrade promptly for security.. libmail-audit-perl Update, Debian Security Fix, File Handling Issue. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Mar 20, 2006 Critical Debian
Banner 1 1028x280 1708121660 1771599717
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorycritical issueMySQL

Debian 3.0: DSA 483-1 Critical MySQL File Overwrite Threat

Two scripts contained in the package don't create temporary files in a secure fashion, which could lead to a root exploit.. Debian Security Advisory DSA 483-1 This email address is being protected from spambots. You need JavaScript enabled to view it. Debian -- Security Information Martin Schulze April 14th, 2004 Debian -- Debian security FAQ - -------------------------------------------------------------------------- Package : mysql Vulnerability : insecure temporary file creation Problem-Type : local Debian-specific: no CVE IDs : CAN-2004-0381 CAN-2004-0388 Bugtraq ID : 9976 Two vulnerabilities have been discovered in mysql, a common database system. Two scripts contained in the package don't create temporary files in a secure fashion. This could allow a local attacker to overwrite files with the privileges of the user invoking the MySQL server, which is often the root user. The Common Vulnerabilities and Exposures identifies the following problems: CAN-2004-0381 The script mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack. CAN-2004-0388 The script mysqld_multi in MySQL allows local users to overwrite arbitrary files via a symlink attack. For the stable distribution (woody) these problems have been fixed in version 3.23.49-8.6. For the unstable distribution (sid) these problems will be fixed in version 4.0.18-6 of mysql-dfsg. We recommend that you upgrade your mysql, mysql-dfsg and related packages. Upgrade Instructions - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody --------------------------------- Source archives: Size/MD5 checksum: 875 5ddb12f783b137adb3713eb833b2b62c Size/MD5 checksum: 61688 651060d3e96cee5f78fa3a7627cd89a7 Size/MD5 checksum: 11861035 a2820d81997779a9fdf1f4b3c321564a Architecture independent components: Size/MD5 checksum: 16860 a38766469024146e445bff07f93e4954 Alpha architecture: Size/MD5 checksum: 277662 54b823e4e25f4b8e260ac82539bdf84f Size/MD5 checksum: 778718 e8d82f4d6e32a14e01e076314a094b03 Size/MD5 checksum: 163476 5bc948ab4f6ce862ebf9a64f2f7b6042 Size/MD5 checksum: 3634384 9d6e3871dfa018a87a516188e58dabfb ARM architecture: Size/MD5 checksum: 238300 9caaa0c9a0d9909ef403f791c8ccf137 Size/MD5 checksum: 634574 afc1a6cb70f1581a72b2f5904f8abf14 Size/MD5 checksum: 123878 facc6f6326dc1080019fe54e7516c44a Size/MD5 checksum: 2805988 c38af448095a9358fe292f41c7f44fb1 Intel IA-32 architecture: Size/MD5 checksum: 234634 5952137d0b86f6bfefd709ebfc0c624d Size/MD5 checksum: 576560 f8f9089209da42c1134f0157e62b4e49 Size/MD5 checksum: 122462 148429934c68f10c291ae8ffe0a6db8c Size/MD5 checksum: 2800616 afd1dfcf5424f78ce7836c96b0dd92b1 Intel IA-64 architecture: Size/MD5 checksum: 315010 a8678f1aa73cb3a4fcbac4e479109311 Size/MD5 checksum: 848558 63f12a1295198c791956d3d9ba3e6364 Size/MD5 checksum: 173738 d83526ec16d5ba18b66bb4f0962c44f1 Size/MD5 checksum: 4000100 78c9cfd1bba1711338a557bd4737832f HP Precision architecture: Size/MD5 checksum: 280566 e11769ec989c98b9e857c30206246e95 Size/MD5 checksum: 743656 5fe1d40d737c3de61e7cf31183125526 Size/MD5 checksum: 140540 29f2b8d797afc05de720bbc4d4a517e9 Size/MD5 checksum: 3514794 42eaa54090fb0e6497cd1359f29e9304 Motorola 680x0 architecture: Size/MD5 checksum: 227640 a7925061c360f47c83dcffd62b411358 Size/MD5 checksum: 557758 2545764c1f609dc28e4542e5f3d4b522 Size/MD5 checksum: 118356 47948f12e32fb25d7619c97b9f735486 Size/MD5 checksum: 2646508 9f49bf6d899ea6d768cfe51caa54c39c Big endian MIPS architecture: Size/MD5 checksum: 250892 4143d2fcad7a4b7f981fa666f6fdde65 Size/MD5 checksum: 688998 e9da91c9477edd7b93ea71d96734ad4c Size/MD5 checksum: 133836 c2e14bd75e1a68dabfa6ef4d0002fb30 Size/MD5 checksum: 2847932 696eac6a3c87c3ff747ed71d4ad03fe4 Little endian MIPS architecture: Size/MD5 checksum: 250550 f9a25d5a5ec4225c95bb799afb8029c6 Size/MD5 checksum: 688316 db428d75698cd72414b471d91615bd56 Size/MD5 checksum: 134178 bf6e0a0eb74cc8d7c4afd19f4d05d635 Size/MD5 checksum: 2839102 bff1d416c52801ef49af1ce4dcce8a17 PowerPC architecture: Size/MD5 checksum: 247660 4e4561d59aa84920423515c7f9177273 Size/MD5 checksum: 652592 b9f51e0286c747fc58e2aeac9cf3c621 Size/MD5 checksum: 129376 dc96676d319a7b0ee699b7f7f628e543 Size/MD5 checksum: 2823002 71952fc874cc70aa45a29bd6eb54cb50 IBM S/390 architecture: Size/MD5 checksum: 249960 0770d4308c3d28208bfc95f4d3473ae8 Size/MD5 checksum: 607056 b77cf4690bb666dccd2edacbb06c09e5 Size/MD5 checksum: 126362 eb38bd8e3f363a37dfb54844702fc4fd Size/MD5 checksum: 2691074 2e56d9a296a5d87388f1660510c5f8b3 Sun Sparc architecture: Size/MD5 checksum: 241178 5afe949aaacf4e7b66d292ab4efc90c0 Size/MD5 checksum: 615208 f117524a68678d8d3aac68260e6a24cd Size/MD5 checksum: 130352 a3d97c6a8b9e3d460bb6cefab2f8d5fd Size/MD5 checksum: 2939242 ef58492f8397d98a25277bccfdf96986 These files will probably be moved into the stable distribution on its next update. ---------------------------------------------------------------------------------- For apt-get: deb Debian -- Security Information stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. Package info: `apt-cache show ' and https://www.debian.org/distrib/packages . Debian DSA 483-1 highlights critical MySQL exploit allowing local file overwrites and recommends immediate upgrades.. Debian MySQL Exploit, Local File Overwrite Issue, MySQL Security Patch. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Apr 14, 2004 Critical Debian
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here