Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -6 articles for you...
100
security advisorydenial of serviceSuSESUSE 2026 Multi-Linux Manager Important DoS Vuln 2025-68156 2026-0630-1
An update that solves two vulnerabilities, contains three features and has 21 security fixes can now be installed.. # Security update 5.1.2 for Multi-Linux Manager Client Tools Announcement ID: SUSE-SU-2026:0630-1 Release Date: 2026-02-25T09:46:13Z Rating: important References: * bsc#1227579 * bsc#1247644 * bsc#1247721 * bsc#1248848 * bsc#1249400 * bsc#1249532 * bsc#1250940 * bsc#1250976 * bsc#1250981 * bsc#1251044 * bsc#1251138 * bsc#1251995 * bsc#1253004 * bsc#1253174 * bsc#1253282 * bsc#1253347 * bsc#1253659 * bsc#1253738 * bsc#1253966 * bsc#1254478 * bsc#1255340 * bsc#1255588 * bsc#1255781 * jsc#MSQA-1040 * jsc#PED-13824 * jsc#PED-14971 Cross-References: * CVE-2025-12816 * CVE-2025-68156 CVSS scores: * CVE-2025-12816 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N * CVE-2025-12816 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N * CVE-2025-68156 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-68156 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-68156 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Multi-Linux Manager Client Tools for SLE 15 * SUSE Multi-Linux Manager Client Tools for SLE Micro 5 An update that solves two vulnerabilities, contains three features and has 21 security fixes can now be installed. ## Description: This update fixes the following issues: dracut-saltboot: * Update to version 1.1.0 * Retry DHCP requests up to 3 times (bsc#1253004) golang-github-QubitProducts-exporter_exporter: * Non-customer-facing optimization around source building golang-github-boynux-squid_exporter: * Update to version 1.13.0 (jsc#PED-14971) * Add support for squid-internal-mgr path for metrics. * Update to version 1.12.0 * Add TLS and basic authentication support for the web interface. * Update to version 1.11.0 * Allow adding custom labels to all metrics. * Update to version 1.10.0 * Add ability to configure the exporter using environment variables. * Add support for Squid 6 * Add `squid_up` metric * Add `squid_scrape_duration_seconds` metric * Add `squid_scrape_error` metric * Update to version 1.9.0 * Add `process_open_fds` metric to monitor open file descriptors. * Use `CAP_DAC_READ_SEARCH` capability to allow reading process information without running as root. * Update to version 1.8.0 * Add various service time metrics to provide more detailed performance data. * Update to version 1.7.0 * Add support for basic authentication against the Squid proxy. * Fix `squid_client_http_requests_total` metric * Upstream changes for v1.9.0: * Use `CAP_DAC_READ_SEARCH` capability to allow reading process information without running as root. * Upstream changes for v1.8.0: * Add various service time metrics to provide more detailed performance data. * Upstream changes for v1.7.0: Squid proxy.Update to version 1.10.0 * Add ability to configure the exporter using environment variables. * Add `process_open_fds` metric to monitor open file descriptors. * Use `CAP_DAC_READ_SEARCH` capability to allow reading process information without running as root. * Add various service time metrics to provide more detailed performance data. * Add support for basic authentication against the Squid proxy. * Use current distro go default version. Use auto-versioning on SUSE as well. golang-github-lusitaniae-apache_exporter: * Build without apparmor for openSUSE Leap 16, SLES 16 or newer * Require Go 1.23 for building * Update to version 1.0.10 * Update github.com/prometheus/client_golang to 1.21.1 * Update github.com/prometheus/common to 0.63.0 * Update github.com/prometheus/exporter-toolkit to 0.14.0 * Update to version 1.0.9 * Update github.com/prometheus/client_golang to 1.20.4 * Update github.com/prometheus/common to 0.59.1 * Update github.com/prometheus/exporter-toolkit to 0.13.0 * Migrate logging tolog/slog * Fix signal handler logging golang-github-prometheus-alertmanager: * Non-customer-facing optimization around source building golang-github-prometheus-node_exporter: * Non-customer-facing optimization around source building golang-github-prometheus-prometheus: * CVE-2025-12816: Interpretation conflict vulnerability allowing bypassing cryptographic verifications (bsc#1255588) * Update to 3.5.0 (jsc#PED-13824): This is a Long-Term Support (LTS) release. * [FEATURE] Remote-write: Add support for Azure Workload Identity as an authentication method for the receiver. * [FEATURE] PromQL: Add first_over_time(...) and ts_of_first_over_time(...) behind feature flag. * [FEATURE] Federation: Add support for native histograms with custom buckets (NHCB). * [ENHANCEMENT] PromQL: Add warn-level annotations for counter reset conflicts in certain histogram operations. * [ENHANCEMENT] UI: Add scrape interval and scrape timeout to targets page. * Update to 3.4.0: * [FEATURE] SD: Add unified AWS service discovery for ec2, lightsail and ecs services. * [FEATURE] Native histograms are now a stable, but optional feature. * [FEATURE] UI: Show detailed relabeling steps for each discovered target. * [ENHANCEMENT] Alerting: Add "unknown" state for alerting rules that haven't been evaluated yet. * [BUGFIX] Scrape: Fix a bug where scrape cache would not be cleared on startup. * Update to 3.3.0: * [FEATURE] Spring Boot 3.3 includes support for the Prometheus Client 1.x. * [ENHANCEMENT] Dependency management for Dropwizard Metrics has been removed. * Update to 3.2.0: * [FEATURE] OAuth2: support jwt-bearer grant-type (RFC7523 3.1). * [ENHANCEMENT] PromQL: Reconcile mismatched NHCB bounds in Add and Sub. * [BUGFIX] TSDB: Native Histogram Custom Bounds with a NaN threshold are now rejected. * Update to 3.1.0: * [FEATURE] Remote-write 2 (receiving): Update to 2.0-rc.4 spec. "created timestamp" (CT) is now called "start timestamp" (ST). *[BUGFIX] Mixin: Add static UID to the remote-write dashboard. * Update to 3.0.1: * [BUGFIX] Promql: Make subqueries left open. * [BUGFIX] Fix memory leak when query log is enabled. * [BUGFIX] Support utf8 names on /v1/label/:name/values endpoint. * Update to 3.0.0: This release includes new features such as a brand new UI and UTF-8 support enabled by default. * [CHANGE] Deprecated feature flags removed. * [FEATURE] New UI. * [FEATURE] Remote Write 2.0. * [FEATURE] OpenTelemetry Support. * [FEATURE] UTF-8 support is now stable and enabled by default. * [FEATURE] OTLP Ingestion. * [FEATURE] Native Histograms. * [BUGFIX] PromQL: Fix count_values for histograms. * [BUGFIX] TSDB: Fix race on stale values in headAppender. * [BUGFIX] UI: Fix selector / series formatting for empty metric names. * Update to 2.55.0: * [FEATURE] PromQL: Add `last_over_time` function. * [FEATURE] Agent: Add `prometheus_agent_build_info` metric. * [ENHANCEMENT] PromQL: Optimise `group()` and `group by()`. * [ENHANCEMENT] TSDB: Reduce memory usage when loading blocks. * [BUGFIX] Scrape: Fix a bug where a target could be scraped multiple times. * Update to 2.54.0: This release brings a release candidate of a major new version of Remote Write: 2.0. * [CHANGE] Remote-Write: highest_timestamp_in_seconds and queue_highest_sent_timestamp_seconds metrics now initialized to 0. * [CHANGE] API: Split warnings from info annotations in API response. * [FEATURE] Remote-Write: Version 2.0 experimental, plus metadata in WAL via feature flag. * [FEATURE] PromQL: add limitk() and limit_ratio() aggregation operators. * [ENHANCEMENT] PromQL: Accept underscores in literal numbers. * [ENHANCEMENT] PromQL: float literal numbers and durations are now interchangeable (experimental). * [ENHANCEMENT] PromQL (experimental native histograms): Optimize histogram_count and histogram_sum functions. * [BUGFIX] PromQL: Fix various issues with native histograms. * [BUGFIX] OTLP receiver:Allow colons in non-standard units. grafana: * CVE-2025-68156: Fix potential DoS via unbounded recursion in builtin functions (bsc#1255340) mgr-push: * Version 5.1.5-0 * Non-customer-facing optimization and update prometheus-blackbox_exporter: * Non-customer-facing optimization and update rhnlib: * Version 5.1.4-0 * Non-customer-facing optimization and update spacecmd: * Version 5.1.12-0 * Fix spacecmd binary file upload (bsc#1253659) * Fix typo in spacecmd help ca-cert flag (bsc#1253174) * Convert cached IDs to int (bsc#1251995) * Fix methods in api namespace in spacecmd (bsc#1249532) * Make caching code Py 2.7 compatible * Use JSON instead of pickle for spacecmd cache (bsc#1227579) * Python 2.7 cannot re-raise exceptions spacewalk-client-tools: * Version 5.1.8-0 * Non-customer-facing optimization and update supportutils-plugin-susemanager-client: * Version 5.1.5-0 * Non-customer-facing optimization and update uyuni-common-libs: * Version 5.1.5-0 * Non-customer-facing optimization and update uyuni-tools: * Version 5.1.24-0 * Actually use the --dbupgrade-tag parameter when computing the image URL (bsc#1249400) * Handle CA files with symlinks during migration (bsc#1251044) * Adjust traefik exposed configuration for chart v27+ (bsc#1247721) * Fix systemd object initialization in server rename. (bsc#1250981) * Add SSL secrets to the db setup container during migration. (bsc#1250976) * Fix images handling in mgrpxy support ptf (bsc#1250940) * Fix helm upgrade parameters (bsc#1253966) * Detect custom apache and squid config in the /etc/uyuni/proxy folder * Add ssh tuning to configure sshd (bsc#1253738) * Move the SSL checks at the beginning of the migration * Remove cgroup mount for podman containers (bsc#1253347) * Convert the traefik install time to local time (bsc#1251138) * During migration, krb5.conf.d should be copied in /etc/rhn (bsc#1254478) * Read env var from http conf file (bsc#1253282) * Add --registry-host,--registry-user and --registry-password to pull images from an authenticate registry * Deprecate --registry * Unify backup create and restore dryrun option case * Fix calling of squid -z in mgrpxy cache clear (bsc#1247644) * Always start database container even if enabled * Remove extra ipv6 mapping and nftables workaround (bsc#1248848) * Remove old PostgreSQL exporter environment file before migration * Support config command parse correctly supportconfig output (bsc#1255781) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Multi-Linux Manager Client Tools for SLE 15 zypper in -t patch SUSE-MultiLinuxManagerTools-SLE-15-2026-630=1 * SUSE Multi-Linux Manager Client Tools for SLE Micro 5 zypper in -t patch SUSE-MultiLinuxManagerTools-SLE-Micro-5-2026-630=1 ## Package List: * SUSE Multi-Linux Manager Client Tools for SLE 15 (noarch) * python3-spacewalk-client-tools-5.1.8-150002.3.6.1 * dracut-saltboot-1.1.0-150002.3.6.1 * mgrctl-zsh-completion-5.1.24-150002.3.9.1 * mgrctl-bash-completion-5.1.24-150002.3.9.1 * supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1 * spacewalk-client-tools-5.1.8-150002.3.6.1 * mgr-push-5.1.5-150002.3.6.2 * spacecmd-5.1.12-150002.3.6.1 * mgrctl-lang-5.1.24-150002.3.9.1 * python3-mgr-push-5.1.5-150002.3.6.2 * python3-rhnlib-5.1.4-150002.3.6.1 * SUSE Multi-Linux Manager Client Tools for SLE 15 (aarch64 ppc64le s390x x86_64) * grafana-11.5.10-150002.4.9.1 * golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1 * golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1 * golang-github-prometheus-prometheus-debuginfo-3.5.0-150002.3.3.1 * prometheus-blackbox_exporter-0.26.0-150002.3.3.1 * firewalld-prometheus-config-0.1-150002.3.3.1 * golang-github-prometheus-prometheus-3.5.0-150002.3.3.1 *mgrctl-5.1.24-150002.3.9.1 * golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1 * golang-github-lusitaniae-apache_exporter-debuginfo-1.0.10-150002.3.3.1 * golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1 * golang-github-prometheus-node_exporter-debuginfo-1.9.1-150002.3.3.1 * mgrctl-debuginfo-5.1.24-150002.3.9.1 * python3-uyuni-common-libs-5.1.5-150002.3.3.1 * golang-github-boynux-squid_exporter-debuginfo-1.13.0-150002.3.3.1 * golang-github-prometheus-alertmanager-debuginfo-0.28.1-150002.4.6.1 * grafana-debuginfo-11.5.10-150002.4.9.1 * golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1 * SUSE Multi-Linux Manager Client Tools for SLE Micro 5 (noarch) * mgrctl-lang-5.1.24-150002.3.9.1 * dracut-saltboot-1.1.0-150002.3.6.1 * mgrctl-zsh-completion-5.1.24-150002.3.9.1 * mgrctl-bash-completion-5.1.24-150002.3.9.1 * SUSE Multi-Linux Manager Client Tools for SLE Micro 5 (aarch64 ppc64le s390x x86_64) * golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1 * prometheus-blackbox_exporter-0.26.0-150002.3.3.1 * mgrctl-debuginfo-5.1.24-150002.3.9.1 * golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1 * golang-github-prometheus-node_exporter-debuginfo-1.9.1-150002.3.3.1 * mgrctl-5.1.24-150002.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2025-12816.html * https://www.suse.com/security/cve/CVE-2025-68156.html * https://bugzilla.suse.com/show_bug.cgi?id=1227579 * https://bugzilla.suse.com/show_bug.cgi?id=1247644 * https://bugzilla.suse.com/show_bug.cgi?id=1247721 * https://bugzilla.suse.com/show_bug.cgi?id=1248848 * https://bugzilla.suse.com/show_bug.cgi?id=1249400 * https://bugzilla.suse.com/show_bug.cgi?id=1249532 * https://bugzilla.suse.com/show_bug.cgi?id=1250940 * https://bugzilla.suse.com/show_bug.cgi?id=1250976 * https://bugzilla.suse.com/show_bug.cgi?id=1250981 * https://bugzilla.suse.com/show_bug.cgi?id=1251044 *https://bugzilla.suse.com/show_bug.cgi?id=1251138 * https://bugzilla.suse.com/show_bug.cgi?id=1251995 * https://bugzilla.suse.com/show_bug.cgi?id=1253004 * https://bugzilla.suse.com/show_bug.cgi?id=1253174 * https://bugzilla.suse.com/show_bug.cgi?id=1253282 * https://bugzilla.suse.com/show_bug.cgi?id=1253347 * https://bugzilla.suse.com/show_bug.cgi?id=1253659 * https://bugzilla.suse.com/show_bug.cgi?id=1253738 * https://bugzilla.suse.com/show_bug.cgi?id=1253966 * https://bugzilla.suse.com/show_bug.cgi?id=1254478 * https://bugzilla.suse.com/show_bug.cgi?id=1255340 * https://bugzilla.suse.com/show_bug.cgi?id=1255588 * https://bugzilla.suse.com/show_bug.cgi?id=1255781 * https://jira.suse.com/browse/MSQA-1040 * https://jira.suse.com/browse/PED-13824 * https://jira.suse.com/browse/PED-14971 . An important security update addressing two issues and providing new features for SUSE Multi-Linux Manager Client Tools.. SUSE security update, Multi-Linux Manager, CVE-2025-12816, CVE-2025-68156, security fixes. . Severity: Important. LinuxSecurity.com Team
Feb 25, 2026
•Important
SuSE
100
security advisorySuSEremote code executionSUSE golang-github-prometheus-prometheus Key Security Update 2026-20232-1
An update that solves two vulnerabilities and contains one feature can now be installed.. # Security update for golang-github-prometheus-prometheus Announcement ID: SUSE-SU-2026:20232-1 Release Date: 2026-02-05T10:44:24Z Rating: important References: * bsc#1255588 * bsc#1257329 * jsc#PED-13824 Cross-References: * CVE-2025-12816 * CVE-2025-13465 CVSS scores: * CVE-2025-12816 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N * CVE-2025-12816 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N * CVE-2025-13465 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-13465 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2025-13465 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:H/SI:H/SA:H/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves two vulnerabilities and contains one feature can now be installed. ## Description: This update for golang-github-prometheus-prometheus fixes the following issues: Update to version 3.5.0: Security issues fixed: * CVE-2025-13465: prototype pollution in the _.unset and_.omit functions can lead to deletion of methods from global (bsc#1257329). * CVE-2025-12816: interpretation conflict vulnerability allowing bypassing cryptographic verifications (bsc#1255588). Other updates and bugfixes: * Update to 3.5.0 (jsc#PED-13824): * [FEATURE] Remote-write: Add support for Azure Workload Identity as an authentication method for the receiver. * [FEATURE] PromQL: Add first_over_time(...) and ts_of_first_over_time(...) behind feature flag. * [FEATURE] Federation: Add support for native histograms with custom buckets (NHCB). * [ENHANCEMENT] PromQL: Add warn-level annotations for counter reset conflicts in certainhistogram operations. * [ENHANCEMENT] UI: Add scrape interval and scrape timeout to targets page. * Update to 3.4.0: * Add unified AWS service discovery for ec2, lightsail and ecs services. * [FEATURE] Native histograms are now a stable, but optional feature. * [FEATURE] UI: Show detailed relabeling steps for each discovered target. * [ENHANCEMENT] Alerting: Add "unknown" state for alerting rules that haven't been evaluated yet. * [BUGFIX] Scrape: Fix a bug where scrape cache would not be cleared on startup. * Update to 3.3.0: * [FEATURE] Spring Boot 3.3 includes support for the Prometheus Client 1.x. * [ENHANCEMENT] Dependency management for Dropwizard Metrics has been removed. * Update to 3.2.0: * [FEATURE] OAuth2: support jwt-bearer grant-type (RFC7523 3.1). * [ENHANCEMENT] PromQL: Reconcile mismatched NHCB bounds in Add and Sub. * [BUGFIX] TSDB: Native Histogram Custom Bounds with a NaN threshold are now rejected. * Update to 3.1.0: * [FEATURE] Remote-write 2 (receiving): Update to 2.0-rc.4 spec. "created timestamp" (CT) is now called "start timestamp" (ST). * [BUGFIX] Mixin: Add static UID to the remote-write dashboard. * Update to 3.0.1: * [BUGFIX] Promql: Make subqueries left open. * [BUGFIX] Fix memory leak when query log is enabled. * [BUGFIX] Support utf8 names on /v1/label/:name/values endpoint. * Update to 3.0.0: * [CHANGE] Deprecated feature flags removed. * [FEATURE] New UI. * [FEATURE] Remote Write 2.0. * [FEATURE] OpenTelemetry Support. * [FEATURE] UTF-8 support is now stable and enabled by default. * [FEATURE] OTLP Ingestion. * [FEATURE] Native Histograms. * [BUGFIX] PromQL: Fix count_values for histograms. * [BUGFIX] TSDB: Fix race on stale values in headAppender. * [BUGFIX] UI: Fix selector / series formatting for empty metric names. * Update to 2.55.0: * [FEATURE] PromQL: Add `last_over_time` function. * [FEATURE] Agent: Add `prometheus_agent_build_info` metric. * [ENHANCEMENT] PromQL:Optimise `group()` and `group by()`. * [ENHANCEMENT] TSDB: Reduce memory usage when loading blocks. * [BUGFIX] Scrape: Fix a bug where a target could be scraped multiple times. * Update to 2.54.0: * [CHANGE] Remote-Write: highest_timestamp_in_seconds and queue_highest_sent_timestamp_seconds metrics now initialized to 0. * [CHANGE] API: Split warnings from info annotations in API response. * [FEATURE] Remote-Write: Version 2.0 experimental, plus metadata in WAL via feature flag. * [FEATURE] PromQL: add limitk() and limit_ratio() aggregation operators. * [ENHANCEMENT] PromQL: Accept underscores in literal numbers. * [ENHANCEMENT] PromQL: float literal numbers and durations are now interchangeable (experimental). * [ENHANCEMENT] PromQL (experimental native histograms): Optimize histogram_count and histogram_sum functions. * [BUGFIX] PromQL: Fix various issues with native histograms. * [BUGFIX] TSDB: Fix race on stale values in headAppender. * [BUGFIX] OTLP receiver: Allow colons in non-standard units. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patch SUSE-SLES-16.0-243=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-243=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-prometheus-3.5.0-160000.1.1 * golang-github-prometheus-prometheus-debuginfo-3.5.0-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * golang-github-prometheus-prometheus-3.5.0-160000.1.1 * golang-github-prometheus-prometheus-debuginfo-3.5.0-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-12816.html * https://www.suse.com/security/cve/CVE-2025-13465.html *https://bugzilla.suse.com/show_bug.cgi?id=1255588 * https://bugzilla.suse.com/show_bug.cgi?id=1257329 * https://jira.suse.com/browse/PED-13824 . A security update for golang-github-prometheus-prometheus in SUSE fixes two vulnerabilities and enhances features effectively.. SUSE Security Update, golang-github-prometheus, Critical Vulnerabilities, Security Enhancements. . Severity: Important. LinuxSecurity.com Team
Feb 11, 2026
•Important
SuSE
87
security advisorycriticaldebianDebian 5.0 Lenny DSA-1895-2 Critical: Opensaml2 Remote Issue
In DSA-1895-1, the xmltooling package was updated to address several security issues. It turns out that the change related to SAML metadata processing for key constraints caused problems when applied without the matching changes in the opensaml2 and shibboleth-sp2 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1895-2
Oct 09, 2009
•Critical
Debian
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!