Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 0 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraconfiguration

Debian 12 Gnome Settings Update Version 2025-fd9ba3b1234 Preview

Frameworks 6.25.0 + KDE Plasma 6.6.4. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-fe3d8d4767 2026-04-16 23:40:54.273526+00:00 -------------------------------------------------------------------------------- Name : kf6-kconfig Product : Fedora 44 Version : 6.25.0 Release : 1.fc44 URL : https://invent.kde.org/frameworks/kconfig Summary : KDE Frameworks 6 Tier 1 addon with advanced configuration system Description : KDE Frameworks 6 Tier 1 addon with advanced configuration system made of two parts: KConfigCore and KConfigGui. -------------------------------------------------------------------------------- Update Information: Frameworks 6.25.0 + KDE Plasma 6.6.4 -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 9 2026 Steve Cossette - 6.25.0-1 - 6.25.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2455469 - Configuring WifI network via Network pane appears to not work https://bugzilla.redhat.com/show_bug.cgi?id=2455469 [ 2 ] Bug #2457573 - FE: KDE Frameworks 6.25.0 + Plasma 6.6.4 https://bugzilla.redhat.com/show_bug.cgi?id=2457573 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-fe3d8d4767' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . This Fedora update addresses kf6-kconfig issues, improving configuration stability within KDE Frameworks 6.25.0.. Fedora Update,kconfig,KDE Frameworks,configuration system,software upgrade. . LinuxSecurity.com Team

Calendar 2 Apr 16, 2026 Fedora
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisorysecurity issuearbitrary execution

Mageia: 2019-0278 Moderate: KConfig Malformed Desktop File Issue

Updated kconfig packages fix security vulnerability: Dominik Penner discovered that KConfig supported a feature to define shell command execution in .desktop files. If a user is provided with a malformed .desktop file (e.g. if it's embedded into a downloaded archive and it gets . MGASA-2019-0278 - Updated kconfig packages fix security vulnerability Publication date: 15 Sep 2019 URL: https://advisories.mageia.org/MGASA-2019-0278.html Type: security Affected Mageia releases: 6, 7 CVE: CVE-2019-14744 Updated kconfig packages fix security vulnerability: Dominik Penner discovered that KConfig supported a feature to define shell command execution in .desktop files. If a user is provided with a malformed .desktop file (e.g. if it's embedded into a downloaded archive and it gets opened in a file browser) arbitrary commands could get executed (CVE-2019-14744). This update fixes the security issue by removing the shell command feature. References: - https://bugs.mageia.org/show_bug.cgi?id=25250 - https://kde.org/info/security/advisory-20190807-1.txt - https://lists.debian.org/debian-security-announce/2019/msg00142.html - https://www.cve.org/CVERecord?id=CVE-2019-14744 SRPMS: - 6/core/kconfig-5.42.0-1.1.mga6 - 7/core/kconfig-5.57.0-1.1.mga7 . Revamped kconfig packages address a major vulnerability impacting Mageia. Secure your system immediately!. Kconfig Security, Mageia Update, Shell Command Execution, Vulnerability Repair. . LinuxSecurity.com Team

Calendar 2 Sep 15, 2019 Mageia
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoracode execution

Fedora 29: 2019-9f2ee52c88 Critical: kdelibs3 Code Execution Risk

This update fixes **CVE-2019-14744 (kconfig arbitrary shell code execution)** in the KDE 3 compatibility version of kdelibs used by legacy KDE 3 applications. The full list of fixes in this `kdelibs3` build: * fixes **CVE-2019-14744** - `kconfig`: malicious `.desktop` files (and others) would execute code. KConfig had a well-meaning feature that allowed configuration files to execute arbitrary. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2019-9f2ee52c88 2019-08-19 02:28:49.021905 --------------------------------------------------------------------------------Name : kdelibs3 Product : Fedora 29 Version : 3.5.10 Release : 101.fc29 URL : https://kde.org/ Summary : KDE 3 Libraries Description : Libraries for KDE 3: KDE Libraries included: kdecore (KDE core library), kdeui (user interface), kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking), kspell (spelling checker), jscript (javascript), kab (addressbook), kimgio (image manipulation). --------------------------------------------------------------------------------Update Information: This update fixes **CVE-2019-14744 (kconfig arbitrary shell code execution)** in the KDE 3 compatibility version of kdelibs used by legacy KDE 3 applications. The full list of fixes in this `kdelibs3` build: * fixes **CVE-2019-14744** -`kconfig`: malicious `.desktop` files (and others) would execute code. KConfig had a well-meaning feature that allowed configuration files to execute arbitrary shell commands. Unfortunately, this could be abused by untrusted `.desktop` files to execute arbitrary code as the target user, without the user even running the `.desktop` file. Therefore, this update removes that ill-fated feature. (Backported by Kevin Kofler from upstream: `kf5-kconfig` fix by David Faure, `kdelibs` 4 backport by Kai Uwe Broulik.) * adds native support for **xdg-user-dirs** for *Desktop* and *Documents*, without shelling outto `xdg-user-dir` from the config file. This is needed due to the above security fix. (This feature was previously implemented in the Fedora `kde-settings` by shelling out to `xdg-user-dir` from the config file using the KConfig feature removed above.) (Backported by Kevin Kofler from Trinity Desktop / Timothy Pearson.) * fixes a **KJS double-free** that could crash legacy KDE 3 applications such as Quanta Plus when trying to execute JavaScript. (Backported by OpenSUSE / Wolfgang Bauer from Trinity Desktop / Timothy Pearson.) --------------------------------------------------------------------------------ChangeLog: * Sat Aug 10 2019 Kevin Kofler - 3.5.10-101 - Backport CVE-2019-14744 fix by David Faure and Kai Uwe Broulik from kdelibs 4 - Backport native xdg-user-dirs support by Timothy Pearson from Trinity (needed to fix the regression that would otherwise result from the above security fix) - Backport KJS double-free fix by Timothy Pearson (backport by wbauer/OpenSUSE) * Thu Jul 25 2019 Fedora Release Engineering - 3.5.10-100 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Thu Apr 11 2019 Richard Shaw - 3.5.10-99 - Rebuild for OpenEXR 2.3.0. * Fri Feb 1 2019 Fedora Release Engineering - 3.5.10-98 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild * Sat Jan 5 2019 Kevin Kofler - 3.5.10-97 - Rebuild for the new hardcoded qt3 build key in Rawhide - Fix aarch64 FTBFS due to libtool not liking the file output on *.so files --------------------------------------------------------------------------------References: [ 1 ] Bug #1740138 - CVE-2019-14744 kdelibs: malicious desktop files and configuration files lead to code execution with minimal user interaction https://bugzilla.redhat.com/show_bug.cgi?id=1740138 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-9f2ee52c88' at the command line.For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Essential patch released for Fedora 30, addressing kdelibs4 vulnerability: potential code execution threat via kconfig settings.. Fedora Update, kdelibs3 Security, Code Execution Risk. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Aug 18, 2019 Critical Fedora
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorycommand executionimportant

openSUSE: 2020:2499-1 Critical: kconfig Security Update

An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for kconfig, kdelibs4 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1898-1 Rating: important References: #1144600 Cross-References: CVE-2019-14744 Affected Products: openSUSE Backports SLE-15-SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for kconfig, kdelibs4 fixes the following issues: - CVE-2019-14744: Fixed a command execution by an shell expansion (boo#1144600). This update was imported from the openSUSE:Leap:15.1:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP1: zypper in -t patch openSUSE-2019-1898=1 Package List: - openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64): kconf_update5-5.55.0-bp151.3.8.1 kconfig-devel-5.55.0-bp151.3.8.1 kdelibs4-4.14.38-bp151.9.8.2 kdelibs4-branding-upstream-4.14.38-bp151.9.8.2 kdelibs4-core-4.14.38-bp151.9.8.2 kdelibs4-core-debuginfo-4.14.38-bp151.9.8.2 kdelibs4-debuginfo-4.14.38-bp151.9.8.2 kdelibs4-debugsource-4.14.38-bp151.9.8.2 kdelibs4-doc-4.14.38-bp151.9.8.2 kdelibs4-doc-debuginfo-4.14.38-bp151.9.8.2 libKF5ConfigCore5-5.55.0-bp151.3.8.1 libKF5ConfigGui5-5.55.0-bp151.3.8.1 libkde4-4.14.38-bp151.9.8.2 libkde4-debuginfo-4.14.38-bp151.9.8.2 libkde4-devel-4.14.38-bp151.9.8.2 libkde4-devel-debuginfo-4.14.38-bp151.9.8.2 libkdecore4-4.14.38-bp151.9.8.2 libkdecore4-debuginfo-4.14.38-bp151.9.8.2 libkdecore4-devel-4.14.38-bp151.9.8.2 libkdecore4-devel-debuginfo-4.14.38-bp151.9.8.2 libksuseinstall-devel-4.14.38-bp151.9.8.2 libksuseinstall1-4.14.38-bp151.9.8.2 libksuseinstall1-debuginfo-4.14.38-bp151.9.8.2 - openSUSE Backports SLE-15-SP1 (aarch64_ilp32): kconfig-devel-64bit-5.55.0-bp151.3.8.1 libKF5ConfigCore5-64bit-5.55.0-bp151.3.8.1 libKF5ConfigGui5-64bit-5.55.0-bp151.3.8.1 libkde4-64bit-4.14.38-bp151.9.8.2 libkde4-64bit-debuginfo-4.14.38-bp151.9.8.2 libkdecore4-64bit-4.14.38-bp151.9.8.2 libkdecore4-64bit-debuginfo-4.14.38-bp151.9.8.2 libksuseinstall1-64bit-4.14.38-bp151.9.8.2 libksuseinstall1-64bit-debuginfo-4.14.38-bp151.9.8.2 - openSUSE Backports SLE-15-SP1 (noarch): kdelibs4-apidocs-4.14.38-bp151.9.8.1 libKF5ConfigCore5-lang-5.55.0-bp151.3.8.1 References: https://www.suse.com/security/cve/CVE-2019-14744.html https://bugzilla.suse.com/1144600 -- . A patch has been issued for kconfig and kdelibs4 that mitigates a potential command execution vulnerability within openSUSE.. openSUSE Security Update, kconfig patch, kdelibs4 security, command execution, important security fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Aug 15, 2019 Important OpenSUSE
Banner 1 1028x280 1708121660 1771599717
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisoryimportantshell execution

openSUSE: 2019:1851-2 Important: Kconfig Command Execution Severity

An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for kconfig, kdelibs4 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1851-2 Rating: important References: #1144600 Cross-References: CVE-2019-14744 Affected Products: openSUSE Backports SLE-15-SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for kconfig, kdelibs4 fixes the following issues: - CVE-2019-14744: Fixed a command execution by an shell expansion (boo#1144600). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP1: zypper in -t patch openSUSE-2019-1851=1 Package List: - openSUSE Backports SLE-15-SP1 (aarch64 ppc64le s390x x86_64): kconf_update5-5.55.0-bp151.3.5.1 kconf_update5-debuginfo-5.55.0-bp151.3.5.1 kconfig-debugsource-5.55.0-bp151.3.5.1 kconfig-devel-5.55.0-bp151.3.5.1 kconfig-devel-debuginfo-5.55.0-bp151.3.5.1 kdelibs4-4.14.38-bp151.9.5.1 kdelibs4-branding-upstream-4.14.38-bp151.9.5.1 kdelibs4-core-4.14.38-bp151.9.5.1 kdelibs4-core-debuginfo-4.14.38-bp151.9.5.1 kdelibs4-debuginfo-4.14.38-bp151.9.5.1 kdelibs4-debugsource-4.14.38-bp151.9.5.1 kdelibs4-doc-4.14.38-bp151.9.5.1 kdelibs4-doc-debuginfo-4.14.38-bp151.9.5.1 libKF5ConfigCore5-5.55.0-bp151.3.5.1 libKF5ConfigCore5-debuginfo-5.55.0-bp151.3.5.1 libKF5ConfigGui5-5.55.0-bp151.3.5.1 libKF5ConfigGui5-debuginfo-5.55.0-bp151.3.5.1 libkde4-4.14.38-bp151.9.5.1 libkde4-debuginfo-4.14.38-bp151.9.5.1 libkde4-devel-4.14.38-bp151.9.5.1 libkde4-devel-debuginfo-4.14.38-bp151.9.5.1 libkdecore4-4.14.38-bp151.9.5.1 libkdecore4-debuginfo-4.14.38-bp151.9.5.1 libkdecore4-devel-4.14.38-bp151.9.5.1 libkdecore4-devel-debuginfo-4.14.38-bp151.9.5.1 libksuseinstall-devel-4.14.38-bp151.9.5.1 libksuseinstall1-4.14.38-bp151.9.5.1 libksuseinstall1-debuginfo-4.14.38-bp151.9.5.1 - openSUSE Backports SLE-15-SP1 (aarch64_ilp32): kconfig-devel-64bit-5.55.0-bp151.3.5.1 kconfig-devel-64bit-debuginfo-5.55.0-bp151.3.5.1 libKF5ConfigCore5-64bit-5.55.0-bp151.3.5.1 libKF5ConfigCore5-64bit-debuginfo-5.55.0-bp151.3.5.1 libKF5ConfigGui5-64bit-5.55.0-bp151.3.5.1 libKF5ConfigGui5-64bit-debuginfo-5.55.0-bp151.3.5.1 libkde4-64bit-4.14.38-bp151.9.5.1 libkde4-64bit-debuginfo-4.14.38-bp151.9.5.1 libkdecore4-64bit-4.14.38-bp151.9.5.1 libkdecore4-64bit-debuginfo-4.14.38-bp151.9.5.1 libksuseinstall1-64bit-4.14.38-bp151.9.5.1 libksuseinstall1-64bit-debuginfo-4.14.38-bp151.9.5.1 - openSUSE Backports SLE-15-SP1 (noarch): kdelibs4-apidocs-4.14.38-bp151.9.5.1 libKF5ConfigCore5-lang-5.55.0-bp151.3.5.1 References: https://www.suse.com/security/cve/CVE-2019-14744.html https://bugzilla.suse.com/1144600 -- . The latest openSUSE release resolves a critical bug affecting kconfig and kdelibs4, thereby enhancing overall system reliability.. openSUSE Backports, kconfig Update, kdelibs4 Security, shell execution fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Aug 14, 2019 Important OpenSUSE
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorycommand executionpatch

openSUSE: 2019:1855-1 Important: kconfig Command Execution Fix

An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for kconfig, kdelibs4 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1855-1 Rating: important References: #1144600 Cross-References: CVE-2019-14744 Affected Products: openSUSE Backports SLE-15 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for kconfig, kdelibs4 fixes the following issues: - CVE-2019-14744: Fixed a command execution by an shell expansion (boo#1144600). This update was imported from the openSUSE:Leap:15.0:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15: zypper in -t patch openSUSE-2019-1855=1 Package List: - openSUSE Backports SLE-15 (aarch64 ppc64le s390x x86_64): kconf_update5-5.45.0-bp150.3.8.2 kconf_update5-debuginfo-5.45.0-bp150.3.8.2 kconfig-debugsource-5.45.0-bp150.3.8.2 kconfig-devel-5.45.0-bp150.3.8.2 kconfig-devel-debuginfo-5.45.0-bp150.3.8.2 kdelibs4-4.14.38-bp150.3.8.1 kdelibs4-branding-upstream-4.14.38-bp150.3.8.1 kdelibs4-core-4.14.38-bp150.3.8.1 kdelibs4-doc-4.14.38-bp150.3.8.1 libKF5ConfigCore5-5.45.0-bp150.3.8.2 libKF5ConfigCore5-debuginfo-5.45.0-bp150.3.8.2 libKF5ConfigGui5-5.45.0-bp150.3.8.2 libKF5ConfigGui5-debuginfo-5.45.0-bp150.3.8.2 libkde4-4.14.38-bp150.3.8.1 libkde4-devel-4.14.38-bp150.3.8.1 libkdecore4-4.14.38-bp150.3.8.1 libkdecore4-devel-4.14.38-bp150.3.8.1 libksuseinstall-devel-4.14.38-bp150.3.8.1 libksuseinstall1-4.14.38-bp150.3.8.1 - openSUSE Backports SLE-15(aarch64_ilp32): kconfig-devel-64bit-5.45.0-bp150.3.8.2 kconfig-devel-64bit-debuginfo-5.45.0-bp150.3.8.2 libKF5ConfigCore5-64bit-5.45.0-bp150.3.8.2 libKF5ConfigCore5-64bit-debuginfo-5.45.0-bp150.3.8.2 libKF5ConfigGui5-64bit-5.45.0-bp150.3.8.2 libKF5ConfigGui5-64bit-debuginfo-5.45.0-bp150.3.8.2 libkde4-64bit-4.14.38-bp150.3.8.1 libkdecore4-64bit-4.14.38-bp150.3.8.1 libksuseinstall1-64bit-4.14.38-bp150.3.8.1 - openSUSE Backports SLE-15 (noarch): kdelibs4-apidocs-4.14.38-bp150.3.8.1 libKF5ConfigCore5-lang-5.45.0-bp150.3.8.2 References: https://www.suse.com/security/cve/CVE-2019-14744.html https://bugzilla.suse.com/1144600 -- . This Fedora security patch resolves a critical problem with libinput and systemd, eliminating potential vulnerabilities in command handling.. openSUSE Security Update,kconfig,kdelibs4,command execution,patch. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Aug 13, 2019 Important OpenSUSE
Banner 1 1028x280 1708121660 1771599717
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorysoftware updatecommand execution

openSUSE: 2019:1851-1 Important: kconfig Command Execution Threat

An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for kconfig, kdelibs4 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1851-1 Rating: important References: #1144600 Cross-References: CVE-2019-14744 Affected Products: SUSE Package Hub for SUSE Linux Enterprise 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for kconfig, kdelibs4 fixes the following issues: - CVE-2019-14744: Fixed a command execution by an shell expansion (boo#1144600). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Package Hub for SUSE Linux Enterprise 12: zypper in -t patch openSUSE-2019-1851=1 Package List: - SUSE Package Hub for SUSE Linux Enterprise 12 (aarch64 ppc64le s390x x86_64): kconf_update5-5.20.0-8.1 kconf_update5-5.26.0-8.1 kconf_update5-5.32.0-7.1 kconf_update5-debuginfo-5.20.0-8.1 kconf_update5-debuginfo-5.26.0-8.1 kconf_update5-debuginfo-5.32.0-7.1 kconfig-debugsource-5.20.0-8.1 kconfig-debugsource-5.26.0-8.1 kconfig-debugsource-5.32.0-7.1 kconfig-devel-5.20.0-8.1 kconfig-devel-5.26.0-8.1 kconfig-devel-5.32.0-7.1 kconfig-devel-debuginfo-5.20.0-8.1 kconfig-devel-debuginfo-5.26.0-8.1 kconfig-devel-debuginfo-5.32.0-7.1 kdelibs4-4.14.18-14.1 kdelibs4-4.14.25-13.1 kdelibs4-4.14.33-7.2 kdelibs4-branding-upstream-4.14.18-14.1 kdelibs4-branding-upstream-4.14.25-13.1 kdelibs4-branding-upstream-4.14.33-7.2 kdelibs4-core-4.14.18-14.1 kdelibs4-core-4.14.25-13.1 kdelibs4-core-4.14.33-7.2 kdelibs4-core-debuginfo-4.14.18-14.1 kdelibs4-core-debuginfo-4.14.25-13.1 kdelibs4-core-debuginfo-4.14.33-7.2 kdelibs4-debuginfo-4.14.18-14.1 kdelibs4-debuginfo-4.14.25-13.1 kdelibs4-debuginfo-4.14.33-7.2 kdelibs4-debugsource-4.14.18-14.1 kdelibs4-debugsource-4.14.25-13.1 kdelibs4-debugsource-4.14.33-7.2 kdelibs4-doc-4.14.18-14.1 kdelibs4-doc-4.14.25-13.1 kdelibs4-doc-4.14.33-7.2 kdelibs4-doc-debuginfo-4.14.18-14.1 kdelibs4-doc-debuginfo-4.14.25-13.1 kdelibs4-doc-debuginfo-4.14.33-7.2 libKF5ConfigCore5-5.20.0-8.1 libKF5ConfigCore5-5.26.0-8.1 libKF5ConfigCore5-5.32.0-7.1 libKF5ConfigCore5-debuginfo-5.20.0-8.1 libKF5ConfigCore5-debuginfo-5.26.0-8.1 libKF5ConfigCore5-debuginfo-5.32.0-7.1 libKF5ConfigGui5-5.20.0-8.1 libKF5ConfigGui5-5.26.0-8.1 libKF5ConfigGui5-5.32.0-7.1 libKF5ConfigGui5-debuginfo-5.20.0-8.1 libKF5ConfigGui5-debuginfo-5.26.0-8.1 libKF5ConfigGui5-debuginfo-5.32.0-7.1 libkde4-4.14.18-14.1 libkde4-4.14.25-13.1 libkde4-4.14.33-7.2 libkde4-debuginfo-4.14.18-14.1 libkde4-debuginfo-4.14.25-13.1 libkde4-debuginfo-4.14.33-7.2 libkde4-devel-4.14.18-14.1 libkde4-devel-4.14.25-13.1 libkde4-devel-4.14.33-7.2 libkdecore4-4.14.18-14.1 libkdecore4-4.14.25-13.1 libkdecore4-4.14.33-7.2 libkdecore4-debuginfo-4.14.18-14.1 libkdecore4-debuginfo-4.14.25-13.1 libkdecore4-debuginfo-4.14.33-7.2 libkdecore4-devel-4.14.18-14.1 libkdecore4-devel-4.14.25-13.1 libkdecore4-devel-4.14.33-7.2 libkdecore4-devel-debuginfo-4.14.18-14.1 libkdecore4-devel-debuginfo-4.14.25-13.1 libkdecore4-devel-debuginfo-4.14.33-7.2 libksuseinstall-devel-4.14.18-14.1 libksuseinstall-devel-4.14.25-13.1 libksuseinstall-devel-4.14.33-7.2 libksuseinstall1-4.14.18-14.1 libksuseinstall1-4.14.25-13.1 libksuseinstall1-4.14.33-7.2 libksuseinstall1-debuginfo-4.14.18-14.1 libksuseinstall1-debuginfo-4.14.25-13.1 libksuseinstall1-debuginfo-4.14.33-7.2 - SUSE Package Hub for SUSE Linux Enterprise 12 (aarch64_ilp32): kconfig-devel-64bit-5.32.0-7.1 kconfig-devel-debuginfo-64bit-5.32.0-7.1 libKF5ConfigCore5-64bit-5.32.0-7.1 libKF5ConfigCore5-debuginfo-64bit-5.32.0-7.1 libKF5ConfigGui5-64bit-5.32.0-7.1 libKF5ConfigGui5-debuginfo-64bit-5.32.0-7.1 libkde4-64bit-4.14.33-7.2 libkde4-debuginfo-64bit-4.14.33-7.2 libkdecore4-64bit-4.14.33-7.2 libkdecore4-debuginfo-64bit-4.14.33-7.2 libksuseinstall1-64bit-4.14.33-7.2 libksuseinstall1-debuginfo-64bit-4.14.33-7.2 - SUSE Package Hub for SUSE Linux Enterprise 12 (noarch): kdelibs4-apidocs-4.14.18-14.1 kdelibs4-apidocs-4.14.25-13.1 kdelibs4-apidocs-4.14.33-7.2 libKF5ConfigCore5-lang-5.20.0-8.1 libKF5ConfigCore5-lang-5.26.0-8.1 libKF5ConfigCore5-lang-5.32.0-7.1 References: https://www.suse.com/security/cve/CVE-2019-14744.html https://bugzilla.suse.com/1144600 -- . The recent update for kconfig and kdelibs4 resolves a significant command execution vulnerability in openSUSE.. openSUSE Security Update,kconfig,kdelibs4,command execution,software patching. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Aug 13, 2019 Important OpenSUSE
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoracode execution

Fedora 30: FEDORA-2019-48b691092f Critical: kf5-kconfig Code Execution

Backport upstream fix for CVE-2019-14744 security issue.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2019-48b691092f 2019-08-13 01:01:16.243669 --------------------------------------------------------------------------------Name : kf5-kconfig Product : Fedora 30 Version : 5.59.0 Release : 1.fc30.1 URL : Summary : KDE Frameworks 5 Tier 1 addon with advanced configuration system Description : KDE Frameworks 5 Tier 1 addon with advanced configuration system made of two parts: KConfigCore and KConfigGui. --------------------------------------------------------------------------------Update Information: Backport upstream fix for CVE-2019-14744 security issue. --------------------------------------------------------------------------------ChangeLog: * Thu Aug 8 2019 Rex Dieter - 5.59.0-1.1 - (branch backport) upstream fix for CVE-2019-14744 (#1738901) * Thu Jun 6 2019 Rex Dieter - 5.59.0-1 - 5.59.0 * Tue May 7 2019 Rex Dieter - 5.58.0-1 - 5.58.0 * Tue Apr 9 2019 Rex Dieter - 5.57.0-1 - 5.57.0 * Tue Mar 5 2019 Rex Dieter - 5.56.0-1 - 5.56.0 --------------------------------------------------------------------------------References: [ 1 ] Bug #1738901 - kconfig: malicious .desktop files (and others) would execute code https://bugzilla.redhat.com/show_bug.cgi?id=1738901 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-48b691092f' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Apply upstream patch for kf5-kconfig in Fedora to mitigate security vulnerability associated with harmful .desktop files that could trigger unauthorized code execution.. kf5-kconfig update, Fedora fix, malware execution risk. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Aug 12, 2019 Critical Fedora
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here