Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 42 articles for you...
203
security advisoryupdatebug fixMageia 9 python-astropy Bug Fix Advisory MGAA-2026-0028
MGAA-2026-0028 - Updated python-astropy packages fix bug. MGAA-2026-0028 - Updated python-astropy packages fix bug Publication date: 17 Apr 2026 URL: https://advisories.mageia.org/MGAA-2026-0028.html Type: bugfix Affected Mageia releases: 9 Description: python3-astropy missed the python3-configobj requirement. This update fixes the reported issue. References: - https://bugs.mageia.org/show_bug.cgi?id=35367 SRPMS: - 9/core/python-astropy-5.1.1-1.2.mga9 . Updated python-astropy packages in Mageia resolve bugs enhancing system functionality and requirements.. Mageia, python-astropy, package update, bug fix, software installation. . LinuxSecurity.com Team
Apr 17, 2026
Mageia
203
security advisoryapplication crashbugfixMageia 9 ZynAddSubFX Bugfix Advisory MGAA-2026-0024 Released Soon
MGAA-2026-0024 - Updated zynaddsubfx packages fix bug. MGAA-2026-0024 - Updated zynaddsubfx packages fix bug Publication date: 31 Mar 2026 URL: https://advisories.mageia.org/MGAA-2026-0024.html Type: bugfix Affected Mageia releases: 9 Description: The application crashes whe you try to refresh bank list. This update fixes the reported issue. References: - https://bugs.mageia.org/show_bug.cgi?id=33935 SRPMS: - 9/core/zynaddsubfx-3.0.6-1.1.mga9 . Updated zynaddsubfx packages for Mageia resolve critical crashes affecting application functionality.. Mageia, zynaddsubfx, application crash, bugfix, security advisory. . LinuxSecurity.com Team
Mar 31, 2026
Mageia
100
security advisorySuSEimportantSUSE: Kernel-Livepatch Important Security Issues Resolved 2025:20918-1
* bsc#1246075 * bsc#1247158 * bsc#1247452 * bsc#1248376 * bsc#1248673 . # Security update for kernel-livepatch-MICRO-6-0-RT_Update_10 Announcement ID: SUSE-SU-2025:20918-1 Release Date: 2025-10-24T10:10:54Z Rating: important References: * bsc#1246075 * bsc#1247158 * bsc#1247452 * bsc#1248376 * bsc#1248673 * bsc#1248749 * bsc#1249534 Cross-References: * CVE-2025-38206 * CVE-2025-38396 * CVE-2025-38471 * CVE-2025-38499 * CVE-2025-38566 * CVE-2025-38644 * CVE-2025-38678 CVSS scores: * CVE-2025-38206 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38206 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38396 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38396 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38471 ( SUSE ): 8.4 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2025-38471 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H * CVE-2025-38499 ( SUSE ): 6.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:H * CVE-2025-38499 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H * CVE-2025-38566 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38566 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38644 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-38644 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-38678 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H Affected Products: * SUSE Linux Micro 6.1 An update that solves seven vulnerabilities can now be installed. ## Description: This update for kernel-livepatch-MICRO-6-0-RT_Update_10 fixes the following issues: * CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246075) * CVE-2025-38396: fs: exportanon_inode_make_secure_inode() and fix secretmem LSM bypass (bsc#1247158) * CVE-2025-38471: kernel: tls: always refresh the queue when reading sock (bsc#1247452) * CVE-2025-38566: sunrpc: fix handling of server side tls alerts (bsc#1248376) * CVE-2025-38499: clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (bsc#1248673) * CVE-2025-38644: wifi: mac80211: reject TDLS operations when station is not associated (bsc#1248749) * CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249534) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.1 zypper in -t patch SUSE-SLE-Micro-6.1-kernel-169=1 ## Package List: * SUSE Linux Micro 6.1 (x86_64) * kernel-livepatch-6_4_0-34-rt-6-1.1 * kernel-livepatch-MICRO-6-0-RT_Update_10-debugsource-6-1.1 * kernel-livepatch-6_4_0-34-rt-debuginfo-6-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-38206.html * https://www.suse.com/security/cve/CVE-2025-38396.html * https://www.suse.com/security/cve/CVE-2025-38471.html * https://www.suse.com/security/cve/CVE-2025-38499.html * https://www.suse.com/security/cve/CVE-2025-38566.html * https://www.suse.com/security/cve/CVE-2025-38644.html * https://www.suse.com/security/cve/CVE-2025-38678.html * https://bugzilla.suse.com/show_bug.cgi?id=1246075 * https://bugzilla.suse.com/show_bug.cgi?id=1247158 * https://bugzilla.suse.com/show_bug.cgi?id=1247452 * https://bugzilla.suse.com/show_bug.cgi?id=1248376 * https://bugzilla.suse.com/show_bug.cgi?id=1248673 * https://bugzilla.suse.com/show_bug.cgi?id=1248749 * https://bugzilla.suse.com/show_bug.cgi?id=1249534 . Kernel-livepatch update for SUSE 6.1 fixes seven security issues affecting system functionality. Immediate action recommended.. kernel-livepatch, SUSE security, systemvulnerabilities, important update. . Severity: Important. LinuxSecurity.com Team
Oct 30, 2025
•Important
SuSE
202
security advisorymoderateissue resolutionopenSUSE Tumbleweed: 2025:14998-1 moderate severity: aiohttp fix
An update that solves one vulnerability can now be installed.. # python311-aiohttp-3.11.16-1.1 on GA media Announcement ID: openSUSE-SU-2025:14998-1 Rating: moderate Cross-References: * CVE-2024-12254 CVSS scores: * CVE-2024-12254 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-12254 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the python311-aiohttp-3.11.16-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * python311-aiohttp 3.11.16-1.1 * python312-aiohttp 3.11.16-1.1 * python313-aiohttp 3.11.16-1.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12254.html . Stay informed about vulnerabilities in python311-aiohttp affecting openSUSE Tumbleweed. Learn how to secure your applications effectively and mitigate risks.. openSUSE Tumbleweed, python311-aiohttp security, moderate security update. . LinuxSecurity.com Team
Apr 16, 2025
OpenSUSE
203
security advisorycriticalbug fixMageia 9: 2025-0072 Critical Advisory for krb5 Overflow Issue
Overflow when calculating ulog block size. (CVE-2025-24528) References: - https://bugs.mageia.org/show_bug.cgi?id=34040 - https://lists.fedoraproject.org/archives/list/
Feb 25, 2025
•Critical
Mageia
202
security advisorycritical issuekernel patchopenSUSE Leap 15.3: 2025:0239-1 important: kernel live patch fixes
An update that solves 15 vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:0239-1 Release Date: 2025-01-25T11:04:01Z Rating: important References: * bsc#1223683 * bsc#1225309 * bsc#1225310 * bsc#1225311 * bsc#1225312 * bsc#1225733 * bsc#1225819 * bsc#1226324 * bsc#1226325 * bsc#1227471 * bsc#1227651 * bsc#1228573 * bsc#1229553 * bsc#1232637 * bsc#1233712 Cross-References: * CVE-2021-47291 * CVE-2021-47598 * CVE-2022-48956 * CVE-2023-52752 * CVE-2024-26923 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35864 * CVE-2024-35950 * CVE-2024-36904 * CVE-2024-36964 * CVE-2024-36971 * CVE-2024-41059 * CVE-2024-43861 * CVE-2024-50264 CVSS scores: * CVE-2021-47291 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47291 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36904 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50264 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50264 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves 15 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_164 fixes several issues. The following security issues were fixed: * CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226324). * CVE-2024-50264: vsock/virtio: Initialization of the dangling pointer occurring in vsk-> trans (bsc#1233712). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1232637). * CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229553). * CVE-2021-47598: sch_cake: do not call cake_destroy() fromcake_init() (bsc#1227471). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2021-47291: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions (bsc#1227651). * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-35950: drm/client: Fully protect modes with dev-> mode_config.mutex (bsc#1225310). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-239=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-239=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_164-default-debuginfo-7-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_164-default-7-150300.7.6.1 * kernel-livepatch-SLE15-SP3_Update_45-debugsource-7-150300.7.6.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_164-preempt-7-150300.7.6.1 * kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo-7-150300.7.6.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_164-default-7-150300.7.6.1 ## References: *https://www.suse.com/security/cve/CVE-2021-47291.html * https://www.suse.com/security/cve/CVE-2021-47598.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36904.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-50264.html * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225733 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226324 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1227651 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1229553 * https://bugzilla.suse.com/show_bug.cgi?id=1232637 * https://bugzilla.suse.com/show_bug.cgi?id=1233712 . Tackling critical security patches in the Linux kernel for Fedora, mitigating risks to enhance overall system resilience.. Linux Kernel Update, OpenSUSE Patching, Security Fixes. . Severity: Important. LinuxSecurity.com Team
Jan 27, 2025
•Important
OpenSUSE
99
security advisorycriticalpackage updateSlackware 15.0: SSA:2024-135-01 Critical: Mozilla-Firefox Security Fix
New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-firefox (SSA:2024-135-01) New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/mozilla-firefox-115.11.0esr-i686-1_slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more information, see: https://www.firefox.com/en-US/firefox/115.11.0/releasenotes/?redirect_source=mozilla-org https://www.mozilla.org/en-US/security/advisories/mfsa2024-22/ https://www.cve.org/CVERecord?id=CVE-2024-4367 https://www.cve.org/CVERecord?id=CVE-2024-4767 https://www.cve.org/CVERecord?id=CVE-2024-4768 https://www.cve.org/CVERecord?id=CVE-2024-4769 https://www.cve.org/CVERecord?id=CVE-2024-4770 https://www.cve.org/CVERecord?id=CVE-2024-4777 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you. Updated package for Slackware 15.0: Updated package for Slackware x86_64 15.0: Updated package for Slackware -current: Updated package for Slackware x86_64 -current: MD5 signatures: +-------------+ Slackware 15.0 package: 0e9a26b221f26fb5463ef7bba9caa110 mozilla-firefox-115.11.0esr-i686-1_slack15.0.txz Slackware x86_64 15.0 package: 07aa240561e462cb32a03ebe4d62e5a1 mozilla-firefox-115.11.0esr-x86_64-1_slack15.0.txz Slackware -current package: 434d84886cc0b14db6e8b842fff25ac6 xap/mozilla-firefox-126.0-i686-1.txz Slackware x86_64 -current package: 058e5714e8cc539ced89668971b69629 xap/mozilla-firefox-126.0-x86_64-1.txz Installationinstructions: +------------------------+ Upgrade the package as root: # upgradepkg mozilla-firefox-115.11.0esr-i686-1_slack15.0.txz +-----+ . Enhance your mozilla-firefox installations in Slackware promptly to address recent vulnerabilities. Maintain your security!. Mozilla-Firefox, Slackware, Security Updates, Package Management. . Severity: Critical. LinuxSecurity.com Team
May 14, 2024
•Critical
Slackware
100
security advisorythreatimportantSUSE: 2024:0595-1 Important: Python310 E-Mail Parsing Issue
* bsc#1210638 Cross-References: * CVE-2023-27043 . # Security update for python310 Announcement ID: SUSE-SU-2024:0595-1 Rating: important References: * bsc#1210638 Cross-References: * CVE-2023-27043 CVSS scores: * CVE-2023-27043 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2023-27043 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for python310 fixes the following issues: * CVE-2023-27043: Fixed incorrectly parser of e-mail addresses which contain a special character (bsc#1210638). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-595=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-595=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-595=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-595=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-595=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-595=1 * SUSE Linux Enterprise Server for SAP Applications 15SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-595=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python310-testsuite-debuginfo-3.10.13-150400.4.39.1 * python310-tk-3.10.13-150400.4.39.1 * libpython3_10-1_0-debuginfo-3.10.13-150400.4.39.1 * python310-3.10.13-150400.4.39.1 * python310-tk-debuginfo-3.10.13-150400.4.39.1 * python310-dbm-debuginfo-3.10.13-150400.4.39.1 * python310-dbm-3.10.13-150400.4.39.1 * python310-doc-3.10.13-150400.4.39.1 * python310-idle-3.10.13-150400.4.39.1 * python310-tools-3.10.13-150400.4.39.1 * python310-debuginfo-3.10.13-150400.4.39.1 * libpython3_10-1_0-3.10.13-150400.4.39.1 * python310-base-3.10.13-150400.4.39.1 * python310-curses-3.10.13-150400.4.39.1 * python310-testsuite-3.10.13-150400.4.39.1 * python310-curses-debuginfo-3.10.13-150400.4.39.1 * python310-doc-devhelp-3.10.13-150400.4.39.1 * python310-debugsource-3.10.13-150400.4.39.1 * python310-base-debuginfo-3.10.13-150400.4.39.1 * python310-devel-3.10.13-150400.4.39.1 * python310-core-debugsource-3.10.13-150400.4.39.1 * openSUSE Leap 15.4 (x86_64) * python310-32bit-debuginfo-3.10.13-150400.4.39.1 * python310-32bit-3.10.13-150400.4.39.1 * python310-base-32bit-3.10.13-150400.4.39.1 * python310-base-32bit-debuginfo-3.10.13-150400.4.39.1 * libpython3_10-1_0-32bit-3.10.13-150400.4.39.1 * libpython3_10-1_0-32bit-debuginfo-3.10.13-150400.4.39.1 * openSUSE Leap 15.4 (aarch64_ilp32) * python310-base-64bit-debuginfo-3.10.13-150400.4.39.1 * libpython3_10-1_0-64bit-debuginfo-3.10.13-150400.4.39.1 * python310-64bit-3.10.13-150400.4.39.1 * libpython3_10-1_0-64bit-3.10.13-150400.4.39.1 * python310-base-64bit-3.10.13-150400.4.39.1 * python310-64bit-debuginfo-3.10.13-150400.4.39.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python310-testsuite-debuginfo-3.10.13-150400.4.39.1 * python310-tk-3.10.13-150400.4.39.1 *libpython3_10-1_0-debuginfo-3.10.13-150400.4.39.1 * python310-3.10.13-150400.4.39.1 * python310-tk-debuginfo-3.10.13-150400.4.39.1 * python310-dbm-debuginfo-3.10.13-150400.4.39.1 * python310-dbm-3.10.13-150400.4.39.1 * python310-doc-3.10.13-150400.4.39.1 * python310-idle-3.10.13-150400.4.39.1 * python310-tools-3.10.13-150400.4.39.1 * python310-debuginfo-3.10.13-150400.4.39.1 * python310-base-3.10.13-150400.4.39.1 * libpython3_10-1_0-3.10.13-150400.4.39.1 * python310-curses-3.10.13-150400.4.39.1 * python310-testsuite-3.10.13-150400.4.39.1 * python310-curses-debuginfo-3.10.13-150400.4.39.1 * python310-doc-devhelp-3.10.13-150400.4.39.1 * python310-debugsource-3.10.13-150400.4.39.1 * python310-base-debuginfo-3.10.13-150400.4.39.1 * python310-devel-3.10.13-150400.4.39.1 * python310-core-debugsource-3.10.13-150400.4.39.1 * openSUSE Leap 15.5 (x86_64) * python310-32bit-debuginfo-3.10.13-150400.4.39.1 * python310-32bit-3.10.13-150400.4.39.1 * python310-base-32bit-3.10.13-150400.4.39.1 * python310-base-32bit-debuginfo-3.10.13-150400.4.39.1 * libpython3_10-1_0-32bit-3.10.13-150400.4.39.1 * libpython3_10-1_0-32bit-debuginfo-3.10.13-150400.4.39.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * python310-curses-debuginfo-3.10.13-150400.4.39.1 * python310-tools-3.10.13-150400.4.39.1 * python310-3.10.13-150400.4.39.1 * python310-tk-debuginfo-3.10.13-150400.4.39.1 * python310-dbm-debuginfo-3.10.13-150400.4.39.1 * python310-debugsource-3.10.13-150400.4.39.1 * python310-dbm-3.10.13-150400.4.39.1 * python310-debuginfo-3.10.13-150400.4.39.1 * python310-tk-3.10.13-150400.4.39.1 * python310-base-debuginfo-3.10.13-150400.4.39.1 * python310-base-3.10.13-150400.4.39.1 * libpython3_10-1_0-3.10.13-150400.4.39.1 * libpython3_10-1_0-debuginfo-3.10.13-150400.4.39.1 * python310-core-debugsource-3.10.13-150400.4.39.1 *python310-devel-3.10.13-150400.4.39.1 * python310-curses-3.10.13-150400.4.39.1 * python310-idle-3.10.13-150400.4.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * python310-curses-debuginfo-3.10.13-150400.4.39.1 * python310-tools-3.10.13-150400.4.39.1 * python310-3.10.13-150400.4.39.1 * python310-tk-debuginfo-3.10.13-150400.4.39.1 * python310-dbm-debuginfo-3.10.13-150400.4.39.1 * python310-debugsource-3.10.13-150400.4.39.1 * python310-dbm-3.10.13-150400.4.39.1 * python310-debuginfo-3.10.13-150400.4.39.1 * python310-tk-3.10.13-150400.4.39.1 * python310-base-debuginfo-3.10.13-150400.4.39.1 * python310-base-3.10.13-150400.4.39.1 * libpython3_10-1_0-3.10.13-150400.4.39.1 * libpython3_10-1_0-debuginfo-3.10.13-150400.4.39.1 * python310-core-debugsource-3.10.13-150400.4.39.1 * python310-devel-3.10.13-150400.4.39.1 * python310-curses-3.10.13-150400.4.39.1 * python310-idle-3.10.13-150400.4.39.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * python310-curses-debuginfo-3.10.13-150400.4.39.1 * python310-tools-3.10.13-150400.4.39.1 * python310-3.10.13-150400.4.39.1 * python310-tk-debuginfo-3.10.13-150400.4.39.1 * python310-dbm-debuginfo-3.10.13-150400.4.39.1 * python310-debugsource-3.10.13-150400.4.39.1 * python310-dbm-3.10.13-150400.4.39.1 * python310-debuginfo-3.10.13-150400.4.39.1 * python310-tk-3.10.13-150400.4.39.1 * python310-base-debuginfo-3.10.13-150400.4.39.1 * python310-base-3.10.13-150400.4.39.1 * libpython3_10-1_0-3.10.13-150400.4.39.1 * libpython3_10-1_0-debuginfo-3.10.13-150400.4.39.1 * python310-core-debugsource-3.10.13-150400.4.39.1 * python310-devel-3.10.13-150400.4.39.1 * python310-curses-3.10.13-150400.4.39.1 * python310-idle-3.10.13-150400.4.39.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * python310-curses-debuginfo-3.10.13-150400.4.39.1 *python310-tools-3.10.13-150400.4.39.1 * python310-3.10.13-150400.4.39.1 * python310-tk-debuginfo-3.10.13-150400.4.39.1 * python310-dbm-debuginfo-3.10.13-150400.4.39.1 * python310-debugsource-3.10.13-150400.4.39.1 * python310-dbm-3.10.13-150400.4.39.1 * python310-debuginfo-3.10.13-150400.4.39.1 * python310-tk-3.10.13-150400.4.39.1 * python310-base-debuginfo-3.10.13-150400.4.39.1 * python310-base-3.10.13-150400.4.39.1 * libpython3_10-1_0-3.10.13-150400.4.39.1 * libpython3_10-1_0-debuginfo-3.10.13-150400.4.39.1 * python310-core-debugsource-3.10.13-150400.4.39.1 * python310-devel-3.10.13-150400.4.39.1 * python310-curses-3.10.13-150400.4.39.1 * python310-idle-3.10.13-150400.4.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * python310-curses-debuginfo-3.10.13-150400.4.39.1 * python310-tools-3.10.13-150400.4.39.1 * python310-3.10.13-150400.4.39.1 * python310-tk-debuginfo-3.10.13-150400.4.39.1 * python310-dbm-debuginfo-3.10.13-150400.4.39.1 * python310-debugsource-3.10.13-150400.4.39.1 * python310-dbm-3.10.13-150400.4.39.1 * python310-debuginfo-3.10.13-150400.4.39.1 * python310-tk-3.10.13-150400.4.39.1 * python310-base-debuginfo-3.10.13-150400.4.39.1 * python310-base-3.10.13-150400.4.39.1 * libpython3_10-1_0-3.10.13-150400.4.39.1 * libpython3_10-1_0-debuginfo-3.10.13-150400.4.39.1 * python310-core-debugsource-3.10.13-150400.4.39.1 * python310-devel-3.10.13-150400.4.39.1 * python310-curses-3.10.13-150400.4.39.1 * python310-idle-3.10.13-150400.4.39.1 ## References: * https://www.suse.com/security/cve/CVE-2023-27043.html * https://bugzilla.suse.com/show_bug.cgi?id=1210638 . Important patch for python310 fixes email parsing problem on SUSE platforms. Make sure to apply it to safeguard against this vulnerability.. python310 Update, SUSE Security Patch, E-Mail Parser Issue. . Severity: Important. LinuxSecurity.com Team
Feb 23, 2024
•Important
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!