
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Fedora 35 - jhead Update - CVE-2022-41751 Command Injection Risk

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-1d9133bc8e
2022-10-26 17:34:16.952122
--------------------------------------------------------------------------------

Name        : jhead
Product     : Fedora 35
Version     : 3.06.0.1
Release     : 5.fc35
URL         : https://www.sentex.ca/~mwandel/jhead/
Summary     : Tool for displaying EXIF data embedded in JPEG images
Description :
Jhead displays and manipulates the non-image portions of EXIF formatted JPEG
images, such as the images produced by most digital cameras.

--------------------------------------------------------------------------------
Update Information:

added patches to fix CVE-2022-41751
--------------------------------------------------------------------------------
ChangeLog:

* Tue Oct 18 2022 Adrian Reber - 3.06.0.1-5
- added patches to fix CVE-2022-41751
* Thu Jul 21 2022 Fedora Release Engineering - 3.06.0.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu Jan 20 2022 Fedora Release Engineering - 3.06.0.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2135592 - CVE-2022-41751 jhead: arbitrary OS commands by placing them in a JPEG filename [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2135592
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-1d9133bc8e' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Updates implemented for jhead in Fedora 35 to mitigate CVE-2022-41751, improving protection against unauthorized command execution.

Severity: Critical
LinuxSecurity.com Team

Oct 26, 2022 | Critical | Fedora

openSUSE 15 SP2: 2021:0752-1 Moderate: jhead Security Fix

openSUSE Security Update: Security update for jhead
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:0752-1
Rating:             moderate
References:         #1144316 #1144354 #1160544 #1160547
Cross-References:   CVE-2016-3822 CVE-2018-16554 CVE-2018-17088
                    CVE-2018-6612 CVE-2019-1010301 CVE-2019-1010302
                    CVE-2020-6624 CVE-2020-6625 CVE-2021-3496
CVSS scores:
                    CVE-2016-3822 (NVD) : 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2018-16554 (NVD) : 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2018-17088 (NVD) : 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2018-6612 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2019-1010301 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2019-1010302 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2019-1010302 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
                    CVE-2021-3496 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:
                    openSUSE Backports SLE-15-SP2
______________________________________________________________________________

An update that fixes 9 vulnerabilities is now available.

Description:

This update for jhead fixes the following issues:

jhead was updated to 3.06.0.1

* lot of fuzztest fixes
* Apply a whole bunch of patches from Debian.
* Spell check and fuzz test stuff from Debian, nothing useful to human users.
* Add option to set exif date from date from another file.
* Bug fixes relating to fuzz testing.
* Fix bug where thumbnail replacement DID NOT WORK.
* Fix bug when no orientation tag is present
* Fix bug of not clearing exif information when processing images with and without exif data in one invocation.
* Remove some unnecessary warnings with some types of GPS data
* Remove multiple copies of the same type of section when deleting section types

This update was imported from the openSUSE:Leap:15.2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP2:

  zypper in -t patch openSUSE-2021-752=1

Package List:

- openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):

  jhead-3.06.0.1-bp152.4.6.1

References:

https://www.suse.com/security/cve/CVE-2016-3822.html
https://www.suse.com/security/cve/CVE-2018-16554.html
https://www.suse.com/security/cve/CVE-2018-17088.html
https://www.suse.com/security/cve/CVE-2018-6612.html
https://www.suse.com/security/cve/CVE-2019-1010301.html
https://www.suse.com/security/cve/CVE-2019-1010302.html
https://www.suse.com/security/cve/CVE-2020-6624.html
https://www.suse.com/security/cve/CVE-2020-6625.html
https://www.suse.com/security/cve/CVE-2021-3496.html
https://bugzilla.suse.com/1144316
https://bugzilla.suse.com/1144354
https://bugzilla.suse.com/1160544
https://bugzilla.suse.com/1160547

A recent update for jhead addresses a total of nine security vulnerabilities, all classified as having moderate severity, within the openSUSE ecosystem.

LinuxSecurity.com Team

May 19, 2021 | OpenSUSE

openSUSE Leap 15.2: OpenSUSE-SU-2021:0594-1 Moderate: jhead Heap Overflow

openSUSE Security Update: Security update for jhead
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:0594-1
Rating:             moderate
References:         #1184756
Cross-References:   CVE-2021-3496
Affected Products:
                    openSUSE Leap 15.2
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for jhead fixes the following issues:

- CVE-2021-3496: Fixed heap-based buffer overflow in Get16u() in exif.c (bsc#1184756)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:

  zypper in -t patch openSUSE-2021-594=1

Package List:

- openSUSE Leap 15.2 (x86_64):

  jhead-3.00-lp152.7.3.1
  jhead-debuginfo-3.00-lp152.7.3.1
  jhead-debugsource-3.00-lp152.7.3.1

References:

https://www.suse.com/security/cve/CVE-2021-3496.html
https://bugzilla.suse.com/1184756

Resolution for moderate jhead memory overflow flaw in openSUSE, update now accessible for Leap 15.2.

LinuxSecurity.com Team

Apr 22, 2021 | OpenSUSE

Fedora 10: 2009-1824 Critical Update for Jhead Command Execution

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-1824
2009-02-17 14:51:58
--------------------------------------------------------------------------------

Name        : jhead
Product     : Fedora 10
Version     : 2.86
Release     : 1.fc10
URL         : https://www.sentex.ca/~mwandel/jhead/
Summary     : Tool for displaying EXIF data embedded in JPEG images
Description :
Jhead displays and manipulates the non-image portions of EXIF formatted JPEG
images, such as the images produced by most digital cameras.

--------------------------------------------------------------------------------
Update Information:

* fixes "CVE-2008-4640 jhead: arbitrary file deletion" (#468056)
* fixes "CVE-2008-4641 jhead: command execution caused by incorrect handling of the shell escapes" (#468057)
--------------------------------------------------------------------------------
ChangeLog:

* Mon Feb 16 2009 Adrian Reber - 2.86-1
- updated to 2.86
- fixes "CVE-2008-4640 jhead: arbitrary file deletion" (#468056)
- fixes "CVE-2008-4641 jhead: command execution caused by incorrect handling of the shell escapes" (#468057)
- fixes "build ignores optflags" (#485697)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #468056 - CVE-2008-4640 jhead: arbitrary file deletion
        https://bugzilla.redhat.com/show_bug.cgi?id=468056
  [ 2 ] Bug #468057 - CVE-2008-4641 jhead: command execution caused by incorrect handling of the shell escapes
        https://bugzilla.redhat.com/show_bug.cgi?id=468057
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update jhead' at the command line. For more information,
refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------

Fedora 10 jhead revision addresses command injection and unauthorized removal vulnerabilities discovered in CVE-2008-4640 and CVE-2008-4641.

Severity: Critical
LinuxSecurity.com Team

Mar 05, 2009 | Critical | Fedora