Alerts This Week
Warning Icon 1 659
Alerts This Week
Warning Icon 1 659

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -5 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorycriticalFedora

Fedora 31: FEDORA-2019-b123c48a8b High: Podman Vulnerability Reported

New upstream release. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2019-a658c47a7a 2019-05-04 00:16:11.078355 --------------------------------------------------------------------------------Name : bubblewrap Product : Fedora 30 Version : 0.3.3 Release : 2.fc30 URL : https://github.com/containers/bubblewrap Summary : Core execution tool for unprivileged containers Description : Bubblewrap (/usr/bin/bwrap) is a core execution engine for unprivileged containers that works as a setuid binary on kernels without user namespaces. --------------------------------------------------------------------------------Update Information: New upstream release --------------------------------------------------------------------------------ChangeLog: * Wed May 1 2019 Colin Walters - 0.3.3-2 - New upstream release --------------------------------------------------------------------------------References: [ 1 ] Bug #1695964 - bubblewrap: insecure use of /tmp [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1695964 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-a658c47a7a' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ ListGuidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . The essential execution utility bubblewrap in Fedora 30 has undergone a vital update tackling a significant security issue. Users are urged to perform the upgrade.. Fedora Update,bubblewrap security,container execution,upstream release. . Severity: Important. LinuxSecurity.com Team

Calendar 2 May 03, 2019 Important Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorysecurity issuecritical

Fedora 26 FlightCrew 0.9.1: Critical Insecure /tmp Usage Fix

- security fix for rhbz 1450956. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-1f533a944e 2017-06-09 18:48:36.532267 --------------------------------------------------------------------------------Name : FlightCrew Product : Fedora 26 Version : 0.9.1 Release : 7.fc26 URL : https://sigil-ebook.com/ Summary : EPUB validator Description : FlightCrew is a C++ epub validator. --------------------------------------------------------------------------------Update Information: - security fix for rhbz 1450956 --------------------------------------------------------------------------------References: [ 1 ] Bug #1450956 - FlightCrew: Insecure use of /tmp https://bugzilla.redhat.com/show_bug.cgi?id=1450956 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade FlightCrew' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . Fedora 26 has launched a crucial security update for FlightCrew, enhancing system integrity and user safety by addressing vulnerabilities and improving encryption protocols. FlightCrew Security Update,Fedora System Updates,C++ EPUB Validator,Security Fixes for Fedora. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jun 09, 2017 Critical Fedora
Banner 4 1028x280 1708121825 1771600306
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoracritical update

Fedora 22: 2015-06-23 Critical Update for Trafficserver

https://cwiki.apache.org/confluence/display/TS/What%27s+New+in+v5.3.x. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-10524 2015-06-23 03:02:27 -------------------------------------------------------------------------------- Name : trafficserver Product : Fedora 22 Version : 5.3.0 Release : 1.fc22 URL : https://trafficserver.apache.org/index.html Summary : Fast, scalable and extensible HTTP/1.1 compliant caching proxy server Description : Apache Traffic Server is a fast, scalable and extensible HTTP/1.1 compliant caching proxy server. -------------------------------------------------------------------------------- Update Information: https://cwiki.apache.org/confluence/display/TS/What%27s+New+in+v5.3.x -------------------------------------------------------------------------------- ChangeLog: * Sun Jun 21 2015 Peter Robinson 5.3.0-1 - Update to 5.3.0 LTS release - Build on aarch64 and power64 - Split perl bindings to sub package - Cleanup and modernise spec * Fri Jun 19 2015 Fedora Release Engineering - 5.0.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Sat May 2 2015 Kalev Lember - 5.0.1-3 - Rebuilt for GCC 5 C++11 ABI change -------------------------------------------------------------------------------- References: [ 1 ] Bug #1103173 - trafficserver: insecure temporary file usage [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1103173 [ 2 ] Bug #1103174 - trafficserver: insecure temporary file usage [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=1103174 [ 3 ] Bug #1102559 - Add AArch64 support to trafficserver https://bugzilla.redhat.com/show_bug.cgi?id=1102559 [ 4 ] Bug #1179204 - trafficserver: incorrect handling of "Max-Forwards" header [fedora-21] https://bugzilla.redhat.com/show_bug.cgi?id=1179204 [ 5 ] Bug #1133387 - CVE-2014-3525 trafficserver: unspecified flaw related to health checks fixed inversions 4.2.1.1 and 5.0.1 [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=1133387 [ 6 ] Bug #1179205 - trafficserver: incorrect handling of "Max-Forwards" header [epel-7] https://bugzilla.redhat.com/show_bug.cgi?id=1179205 [ 7 ] Bug #994224 - trafficserver must be compiled with -fno-strict-aliasing, but it is not https://bugzilla.redhat.com/show_bug.cgi?id=994224 [ 8 ] Bug #955127 - trafficserver package should be built with PIE flags https://bugzilla.redhat.com/show_bug.cgi?id=955127 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update trafficserver' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . Important patch for Trafficserver on Fedora 22 resolving transient file vulnerabilities and enhancing system efficiency.. Trafficserver Update,Fedora Software Update,Apache Proxy Server,HTTP Cache Security. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jul 03, 2015 Critical Fedora
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisorygentoosymlink attack

Gentoo: GLSA-201206-17 Normal: Symlink Attack Risk in Virtualenv

An insecure temporary file usage has been reported in virtualenv, possibly allowing symlink attacks.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201206-17 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: virtualenv: Insecure temporary file usage Date: June 22, 2012 Bugs: #395285 ID: 201206-17 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= An insecure temporary file usage has been reported in virtualenv, possibly allowing symlink attacks. Background ========= virtualenv is a virtual Python environment builder. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-python/virtualenv < 1.5.1 > = 1.5.1 Description ========== The virtualenv.py script in virtualenv does not handle temporary files securely. Impact ===== A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application. Workaround ========= There is no known workaround at this time. Resolution ========= All virtualenv users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =dev-python/virtualenv-1.5.1" References ========= [ 1 ] CVE-2011-4617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4617 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201206-17 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and securityof our users' machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2012 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . Unsecured temporary files in virtual environments can lead to symbolic link vulnerabilities; it is advisable to update to mitigate potential risks.. Virtualenv Security,Gentoo Advisory,Temp File Misuse,Symlink Attack Risk. . LinuxSecurity.com Team

Calendar 2 Jun 22, 2012 Gentoo
Banner 4 1028x280 1708121825 1771600306
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here