Update to version 4.21.6.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-c9b7df0f0d
2025-06-08 02:30:29.772014+00:00
--------------------------------------------------------------------------------

Name        : samba
Product     : Fedora 41
Version     : 4.21.6
Release     : 1.fc41
URL         :
Summary     : Server and Client software to interoperate with Windows machines
Description :
Samba is the standard Windows interoperability suite of programs for Linux and Unix.

--------------------------------------------------------------------------------
Update Information:

Update to version 4.21.6
--------------------------------------------------------------------------------
ChangeLog:

* Tue Jun 3 2025 Günther Deschner - 2:4.21.6-1
- Update to version 4.21.6
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2370454 - CVE-2025-0620 samba: smbd doesn't pick up group membership changes when re-authenticating an expired SMB session [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2370454
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-c9b7df0f0d' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

The latest Samba 4.21.6 update for Fedora 41 fixes significant issues and enhances compatibility with Windows systems.
Fedora Samba Update, Samba Interoperability, Software Version Update.
Severity: Critical.
LinuxSecurity.com Team
Update the hyper-rustls crate to version 0.27.3. Update the reqwest crate to version 0.12.8. Update the rustls-native-certs crate to version 0.8.0 and add a compat package for version 0.7. Update the tonic, tonic-build, and tonic-types crates to version 0.12.3.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-bf524bf5c0
2024-10-19 01:51:39.049884
--------------------------------------------------------------------------------

Name        : rust-tonic
Product     : Fedora 40
Version     : 0.12.3
Release     : 1.fc40
URL         : https://crates.io/crates/tonic
Summary     : GRPC over HTTP/2 implementation
Description :
A gRPC over HTTP/2 implementation focused on high performance, interoperability, and flexibility.

--------------------------------------------------------------------------------
Update Information:

Update the hyper-rustls crate to version 0.27.3.
Update the reqwest crate to version 0.12.8.
Update the rustls-native-certs crate to version 0.8.0 and add a compat package for version 0.7.
Update the tonic, tonic-build, and tonic-types crates to version 0.12.3.
Update the tower crate to version 0.5.1 and add a compat package for version 0.4.
Update the tower-http crate to version 0.6.1 and add a compat package for version 0.5.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Oct 8 2024 Cristian Le - 0.12.3-1
- Update to version 0.12.3 (RHBZ#2314947, RHBZ#2316020)
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-bf524bf5c0' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list
Update to Samba 4.13.8 - Security fixes for CVE-2021-20254.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-1d0807008b
2021-05-07 00:47:07.535360
--------------------------------------------------------------------------------

Name        : samba
Product     : Fedora 33
Version     : 4.13.8
Release     : 0.fc33
URL         :
Summary     : Server and Client software to interoperate with Windows machines
Description :
Samba is the standard Windows interoperability suite of programs for Linux and Unix.

--------------------------------------------------------------------------------
Update Information:

Update to Samba 4.13.8 - Security fixes for CVE-2021-20254
--------------------------------------------------------------------------------
ChangeLog:

* Thu Apr 29 2021 Guenther Deschner - 4.13.8-0
- Update to Samba 4.13.8
- resolves: #1949442, #1955027
- Security fixes for CVE-2021-20254
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1949442 - CVE-2021-20254 samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token
        https://bugzilla.redhat.com/show_bug.cgi?id=1949442
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-1d0807008b' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
An update that fixes 7 vulnerabilities is now available.

   SUSE Security Update: Security update for java-11-openjdk
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:0140-1
Rating:             important
References:         #1160968
Cross-References:   CVE-2020-2583 CVE-2020-2590 CVE-2020-2593
                    CVE-2020-2601 CVE-2020-2604 CVE-2020-2654
                    CVE-2020-2655
Affected Products:
                    SUSE Linux Enterprise Server 12-SP5
______________________________________________________________________________

   An update that fixes 7 vulnerabilities is now available.

Description:

   This update for java-11-openjdk fixes the following issues:

   Update to version jdk-11.0.6-10 (January 2020 CPU, bsc#1160968)

   Fixing these security related issues:

   - CVE-2020-2583: Unlink Set of LinkedHashSets
   - CVE-2020-2590: Improve Kerberos interop capabilities
   - CVE-2020-2593: Normalize normalization for all
   - CVE-2020-2601: Better Ticket Granting Services
   - CVE-2020-2604: Better serial filter handling
   - CVE-2020-2655: Better TLS messaging support
   - CVE-2020-2654: Improve Object Identifier Processing

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 12-SP5:

      zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-140=1

Package List:

   - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):

      java-11-openjdk-11.0.6.0-3.6.1
      java-11-openjdk-debuginfo-11.0.6.0-3.6.1
      java-11-openjdk-debugsource-11.0.6.0-3.6.1
      java-11-openjdk-demo-11.0.6.0-3.6.1
      java-11-openjdk-devel-11.0.6.0-3.6.1
      java-11-openjdk-headless-11.0.6.0-3.6.1

References:

   https://www.suse.com/security/cve/CVE-2020-2583.html
   https://www.suse.com/security/cve/CVE-2020-2590.html
   https://www.suse.com/security/cve/CVE-2020-2593.html
   https://www.suse.com/security/cve/CVE-2020-2601.html
   https://www.suse.com/security/cve/CVE-2020-2604.html
   https://www.suse.com/security/cve/CVE-2020-2654.html
   https://www.suse.com/security/cve/CVE-2020-2655.html
   https://bugzilla.suse.com/1160968

_______________________________________________
sle-security-updates mailing list
USN-2950-1 introduced regressions in Samba.

=========================================================================
Ubuntu Security Notice USN-2950-4
May 18, 2016

samba regressions
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

USN-2950-1 introduced regressions in Samba.

Software Description:
- samba: SMB/CIFS file, print, and login server for Unix

Details:

USN-2950-1 fixed vulnerabilities in Samba. The backported fixes introduced in Ubuntu 12.04 LTS caused interoperability issues. This update fixes compatibility with certain NAS devices, and allows connecting to Samba 3.6 servers by relaxing the "client ipc signing" parameter to "auto".

We apologize for the inconvenience.

Original advisory details:

 Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibly execute arbitrary code. (CVE-2015-5370)

 Stefan Metzmacher discovered that Samba contained multiple flaws in the NTLMSSP authentication implementation. A remote attacker could use this issue to downgrade connections to plain text by performing a man in the middle attack. (CVE-2016-2110)

 Alberto Solino discovered that a Samba domain controller would establish a secure connection to a server with a spoofed computer name. A remote attacker could use this issue to obtain sensitive information. (CVE-2016-2111)

 Stefan Metzmacher discovered that the Samba LDAP implementation did not enforce integrity protection. A remote attacker could use this issue to hijack LDAP connections by performing a man in the middle attack. (CVE-2016-2112)

 Stefan Metzmacher discovered that Samba did not validate TLS certificates. A remote attacker could use this issue to spoof a Samba server. (CVE-2016-2113)

 Stefan Metzmacher discovered that Samba did not enforce SMB signing even if configured to. A remote attacker could use this issue to perform a man in the middle attack. (CVE-2016-2114)

 Stefan Metzmacher discovered that Samba did not enable integrity protection for IPC traffic. A remote attacker could use this issue to perform a man in the middle attack. (CVE-2016-2115)

 Stefan Metzmacher discovered that Samba incorrectly handled the MS-SAMR and MS-LSAD protocols. A remote attacker could use this flaw with a man in the middle attack to impersonate users and obtain sensitive information from the Security Account Manager database. This flaw is known as Badlock. (CVE-2016-2118)

 Samba has been updated to 4.3.8 in Ubuntu 14.04 LTS and Ubuntu 15.10. Ubuntu 12.04 LTS has been updated to 3.6.25 with backported security fixes.

 In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Configuration changes may be required in certain environments.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.04 LTS:
  samba 2:3.6.25-0ubuntu0.12.04.4

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-2950-4
  https://ubuntu.com/security/notices/USN-2950-1
  https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1574403,
  https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1576109

Package Information:
  https://launchpad.net/ubuntu/+source/samba/2:3.6.25-0ubuntu0.12.04.4

Ubuntu 12.04 LTS experienced Samba setbacks hindering file transfer functionality. Apply the latest patch to resolve compatibility and security vulnerabilities.
Ubuntu Samba Update, Samba Security Advisory, Network Compatibility Fix.
Severity: Critical.
LinuxSecurity.com Team
USN-2950-1 introduced regressions in Samba.

=========================================================================
Ubuntu Security Notice USN-2950-3
May 04, 2016

samba regressions
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS
- Ubuntu 15.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

USN-2950-1 introduced regressions in Samba.

Software Description:
- samba: SMB/CIFS file, print, and login server for Unix

Details:

USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues.

This update resolves some of these issues by updating to Samba 4.3.9 in Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. Backported regression fixes were added to Samba 3.6.25 in Ubuntu 12.04 LTS.

This advisory was inadvertently published as USN-2950-2 originally.

Original advisory details:

 Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibly execute arbitrary code. (CVE-2015-5370)

 Stefan Metzmacher discovered that Samba contained multiple flaws in the NTLMSSP authentication implementation. A remote attacker could use this issue to downgrade connections to plain text by performing a man in the middle attack. (CVE-2016-2110)

 Alberto Solino discovered that a Samba domain controller would establish a secure connection to a server with a spoofed computer name. A remote attacker could use this issue to obtain sensitive information. (CVE-2016-2111)

 Stefan Metzmacher discovered that the Samba LDAP implementation did not enforce integrity protection. A remote attacker could use this issue to hijack LDAP connections by performing a man in the middle attack. (CVE-2016-2112)

 Stefan Metzmacher discovered that Samba did not validate TLS certificates. A remote attacker could use this issue to spoof a Samba server. (CVE-2016-2113)

 Stefan Metzmacher discovered that Samba did not enforce SMB signing even if configured to. A remote attacker could use this issue to perform a man in the middle attack. (CVE-2016-2114)

 Stefan Metzmacher discovered that Samba did not enable integrity protection for IPC traffic. A remote attacker could use this issue to perform a man in the middle attack. (CVE-2016-2115)

 Stefan Metzmacher discovered that Samba incorrectly handled the MS-SAMR and MS-LSAD protocols. A remote attacker could use this flaw with a man in the middle attack to impersonate users and obtain sensitive information from the Security Account Manager database. This flaw is known as Badlock. (CVE-2016-2118)

 Samba has been updated to 4.3.8 in Ubuntu 14.04 LTS and Ubuntu 15.10. Ubuntu 12.04 LTS has been updated to 3.6.25 with backported security fixes.

 In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Configuration changes may be required in certain environments.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 LTS:
  samba 2:4.3.9+dfsg-0ubuntu0.16.04.1

Ubuntu 15.10:
  samba 2:4.3.9+dfsg-0ubuntu0.15.10.1

Ubuntu 14.04 LTS:
  samba 2:4.3.9+dfsg-0ubuntu0.14.04.1

Ubuntu 12.04 LTS:
  samba 2:3.6.25-0ubuntu0.12.04.3

This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-2950-3
  https://ubuntu.com/security/notices/USN-2950-1
  https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1577739

Package Information:
  https://launchpad.net/ubuntu/+source/samba/2:4.3.9+dfsg-0ubuntu0.16.04.1
  https://launchpad.net/ubuntu/+source/samba/2:4.3.9+dfsg-0ubuntu0.15.10.1
  https://launchpad.net/ubuntu/+source/samba/2:4.3.9+dfsg-0ubuntu0.14.04.1
  https://launchpad.net/ubuntu/+source/samba/2:3.6.25-0ubuntu0.12.04.3

Recent updates for Ubuntu 16.04 and 15.10 address Samba vulnerabilities and performance issues, ensuring secure and efficient file sharing and printing services.
Samba Update, Ubuntu Security, Security Threats.
LinuxSecurity.com Team
Update to Samba 4.2.7 (security release).

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-0e0879cc8a
2015-12-26 21:27:04.026871
--------------------------------------------------------------------------------

Name        : samba
Product     : Fedora 22
Version     : 4.2.7
Release     : 0.fc22
URL         : /
Summary     : Server and Client software to interoperate with Windows machines
Description :
Samba is the standard Windows interoperability suite of programs for Linux and Unix.

--------------------------------------------------------------------------------
Update Information:

Update to Samba 4.2.7 (security release)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1292069 - CVE-2015-5299 CVE-2015-7540 CVE-2015-3223 CVE-2015-5252 CVE-2015-5296 samba: various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1292069
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update samba' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Update to Samba 4.3.3 (security release).

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-b36076d32e
2015-12-18 04:57:24.069012
--------------------------------------------------------------------------------

Name        : samba
Product     : Fedora 23
Version     : 4.3.3
Release     : 0.fc23
URL         : /
Summary     : Server and Client software to interoperate with Windows machines
Description :
Samba is the standard Windows interoperability suite of programs for Linux and Unix.

--------------------------------------------------------------------------------
Update Information:

Update to Samba 4.3.3 (security release)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1292069 - CVE-2015-5299 CVE-2015-7540 CVE-2015-3223 CVE-2015-5252 CVE-2015-5296 samba: various flaws [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1292069
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update samba' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list