Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 8 articles for you...
89
security advisoryupdatecriticalFedora 39: FEDORA-2024-029752e60b Critical Update on Sequoia Keystore
Update the sequoia-openpgp crate to version 1.21.1. Addresses RUSTSEC-2024-0345. Update the sequoia-keystore crate to version 0.5.1. Update the sequoia-gpg-agent crate to version 0.4.2. This update also includes rebuilds of all affected applications that are affected by RUSTSEC-2024-0345 and a regression in sequoia-openpgp 1.21.0.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-029752e60b 2024-07-09 01:41:25.580220 -------------------------------------------------------------------------------- Name : rust-sequoia-keystore Product : Fedora 39 Version : 0.5.1 Release : 1.fc39 URL : Summary : Sequoia's private key store server Description : Sequoia's private key store server. -------------------------------------------------------------------------------- Update Information: Update the sequoia-openpgp crate to version 1.21.1. Addresses RUSTSEC-2024-0345. Update the sequoia-keystore crate to version 0.5.1. Update the sequoia-gpg-agent crate to version 0.4.2. This update also includes rebuilds of all affected applications that are affected by RUSTSEC-2024-0345 and a regression in sequoia-openpgp 1.21.0. -------------------------------------------------------------------------------- ChangeLog: * Tue Jun 25 2024 Fabio Valentini - 0.5.1-1 - Update to version 0.5.1; Fixes RHBZ#2293570 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-029752e60b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Jul 09, 2024
•Critical
Fedora
202
security advisorysecurity updateimportantopenSUSE: 2024:0118-1 Important: python-python-jose Algorithm Issue
An update that fixes one vulnerability is now available. . openSUSE Security Update: Security update for python-python-jose ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0118-1 Rating: important References: #1223417 Cross-References: CVE-2024-33663 CVSS scores: CVE-2024-33663 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: openSUSE Backports SLE-15-SP5 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for python-python-jose fixes the following issues: CVE-2024-33663: Fixed algorithm confusion with OpenSSH ECDSA keys and other key formats (boo#1223417). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP5: zypper in -t patch openSUSE-2024-118=1 Package List: - openSUSE Backports SLE-15-SP5 (noarch): python3-python-jose-3.0.1-bp155.3.3.1 References: https://www.suse.com/security/cve/CVE-2024-33663.html https://bugzilla.suse.com/1223417 . A security patch for python-python-jose resolves algorithm confusion vulnerabilities highlighted in openSUSE's most recent notification.. Python Jose Update, OpenSUSE Security, Important Security Patch. . Severity: Important. LinuxSecurity.com Team
May 07, 2024
•Important
OpenSUSE
203
security advisorymoderatesecurity updateMageia 8 & 9: MGASA-2023-0253 Moderate: OpenSSL Excessive Check Issues
AES-SIV implementation ignores empty associated data entries. (CVE-2023-2975) Excessive time spent checking DH keys and parameters. (CVE-2023-3446) . MGASA-2023-0253 - Updated openssl packages fix security vulnerability Publication date: 11 Sep 2023 URL: https://advisories.mageia.org/MGASA-2023-0253.html Type: security Affected Mageia releases: 8, 9 CVE: CVE-2023-2975, CVE-2023-3446, CVE-2023-3817 AES-SIV implementation ignores empty associated data entries. (CVE-2023-2975) Excessive time spent checking DH keys and parameters. (CVE-2023-3446) Excessive time spent checking DH q parameter value. (CVE-2023-3817) References: - https://bugs.mageia.org/show_bug.cgi?id=32112 - https://openssl-library.org/news/secadv/20230714.txt - https://openssl-library.org/news/secadv/20230719.txt - https://openssl-library.org/news/secadv/20230731.txt - https://www.cve.org/CVERecord?id=CVE-2023-2975 - https://www.cve.org/CVERecord?id=CVE-2023-3446 - https://www.cve.org/CVERecord?id=CVE-2023-3817 SRPMS: - 8/core/openssl-1.1.1v-1.mga8 - 9/core/openssl-3.0.10-1.mga9 . The latest version of OpenSSL packages available for Mageia mitigates serious security flaws identified in CVEs released on September 11, 2023.. OpenSSL Update, Mageia Security, Encryption Issues. . LinuxSecurity.com Team
Sep 11, 2023
Mageia
172
security advisorydenial of serviceaccess controlUbuntu 22.04 LTS USN-6063-1 Critical: Ceph Access Control Issues
Several security issues were fixed in Ceph.. =========================================================================Ubuntu Security Notice USN-6063-1 May 09, 2023 ceph vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Several security issues were fixed in Ceph. Software Description: - ceph: distributed storage and file system Details: Mark Kirkwood discovered that Ceph incorrectly handled certain key lengths. An attacker could possibly use this issue to create non-random encryption keys. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-3979) It was discovered that Ceph incorrectly handled the volumes plugin. An attacker could possibly use this issue to obtain access to any share. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-0670) It was discovered that Ceph incorrectly handled crash dumps. A local attacker could possibly use this issue to escalate privileges to root. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-3650) It was discovered that Ceph incorrectly handled URL processing on RGW backends. An attacker could possibly use this issue to cause RGW to crash, leading to a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-3854) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.10: ceph 17.2.5-0ubuntu0.22.10.3 ceph-base 17.2.5-0ubuntu0.22.10.3 ceph-common 17.2.5-0ubuntu0.22.10.3 Ubuntu 22.04 LTS: ceph 17.2.5-0ubuntu0.22.04.3 ceph-base 17.2.5-0ubuntu0.22.04.3 ceph-common 17.2.5-0ubuntu0.22.04.3 Ubuntu 20.04 LTS: ceph 15.2.17-0ubuntu0.20.04.3 ceph-base 15.2.17-0ubuntu0.20.04.3 ceph-common 15.2.17-0ubuntu0.20.04.3 Ubuntu 18.04 LTS: ceph 12.2.13-0ubuntu0.18.04.11 ceph-base 12.2.13-0ubuntu0.18.04.11 ceph-common 12.2.13-0ubuntu0.18.04.11 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6063-1 CVE-2021-3979, CVE-2022-0670, CVE-2022-3650, CVE-2022-3854 Package Information: https://launchpad.net/ubuntu/+source/ceph/17.2.5-0ubuntu0.22.10.3 https://launchpad.net/ubuntu/+source/ceph/17.2.5-0ubuntu0.22.04.3 https://launchpad.net/ubuntu/+source/ceph/15.2.17-0ubuntu0.20.04.3 https://launchpad.net/ubuntu/+source/ceph/12.2.13-0ubuntu0.18.04.11 . Major weaknesses in Ceph addressed for Ubuntu variants affecting credential management and permission oversight, apply the latest updates immediately.. Ceph Vulnerabilities, Access Control Threats, Denial Of Service. . Severity: Critical. LinuxSecurity.com Team
May 09, 2023
•Critical
Ubuntu
98
security advisorymoderate severitykey managementRed Hat Enterprise Linux 9: RHSA-2023-0304-01 Moderate LibreOffice Issues
An update for libreoffice is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: libreoffice security update Advisory ID: RHSA-2023:0304-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:0304 Issue date: 2023-01-23 CVE Names: CVE-2022-3140 CVE-2022-26305 CVE-2022-26306 CVE-2022-26307 ==================================================================== 1. Summary: An update for libreoffice is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder (v. 9) - ppc64le, x86_64 Red Hat Enterprise Linux AppStream (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. Security Fix(es): * libreoffice: Macro URL arbitrary script execution (CVE-2022-3140) * libreoffice: Execution of Untrusted Macros Due to Improper Certificate Validation (CVE-2022-26305) * libreoffice: Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing theMaster Password (CVE-2022-26306) * libreoffice: Weak Master Keys (CVE-2022-26307) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All running instances of LibreOffice applications must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 2118610 - CVE-2022-26307 libreoffice: Weak Master Keys 2118611 - CVE-2022-26305 libreoffice: Execution of Untrusted Macros Due to Improper Certificate Validation 2118613 - CVE-2022-26306 libreoffice: Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing the Master Password 2134697 - CVE-2022-3140 libreoffice: Macro URL arbitrary script execution 6. Package List: Red Hat Enterprise Linux AppStream (v.9): Source: libreoffice-7.1.8.1-8.el9_1.src.rpm aarch64: libreoffice-base-debuginfo-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-calc-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-calc-debuginfo-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-core-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-core-debuginfo-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-debuginfo-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-debugsource-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-glade-debuginfo-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-graphicfilter-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-graphicfilter-debuginfo-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-gtk3-debuginfo-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-help-en-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-impress-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-impress-debuginfo-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-langpack-en-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-officebean-debuginfo-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-ogltrans-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-ogltrans-debuginfo-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-pdfimport-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-pdfimport-debuginfo-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-postgresql-debuginfo-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-pyuno-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-pyuno-debuginfo-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-sdk-debuginfo-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-ure-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-ure-debuginfo-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-writer-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-writer-debuginfo-7.1.8.1-8.el9_1.aarch64.rpm libreoffice-x11-debuginfo-7.1.8.1-8.el9_1.aarch64.rpm libreofficekit-debuginfo-7.1.8.1-8.el9_1.aarch64.rpm noarch: autocorr-af-7.1.8.1-8.el9_1.noarch.rpm autocorr-bg-7.1.8.1-8.el9_1.noarch.rpm autocorr-ca-7.1.8.1-8.el9_1.noarch.rpm autocorr-cs-7.1.8.1-8.el9_1.noarch.rpm autocorr-da-7.1.8.1-8.el9_1.noarch.rpm autocorr-de-7.1.8.1-8.el9_1.noarch.rpm autocorr-dsb-7.1.8.1-8.el9_1.noarch.rpm autocorr-el-7.1.8.1-8.el9_1.noarch.rpm autocorr-en-7.1.8.1-8.el9_1.noarch.rpm autocorr-es-7.1.8.1-8.el9_1.noarch.rpm autocorr-fa-7.1.8.1-8.el9_1.noarch.rpm autocorr-fi-7.1.8.1-8.el9_1.noarch.rpm autocorr-fr-7.1.8.1-8.el9_1.noarch.rpm autocorr-ga-7.1.8.1-8.el9_1.noarch.rpm autocorr-hr-7.1.8.1-8.el9_1.noarch.rpm autocorr-hsb-7.1.8.1-8.el9_1.noarch.rpm autocorr-hu-7.1.8.1-8.el9_1.noarch.rpm autocorr-is-7.1.8.1-8.el9_1.noarch.rpm autocorr-it-7.1.8.1-8.el9_1.noarch.rpm autocorr-ja-7.1.8.1-8.el9_1.noarch.rpm autocorr-ko-7.1.8.1-8.el9_1.noarch.rpm autocorr-lb-7.1.8.1-8.el9_1.noarch.rpm autocorr-lt-7.1.8.1-8.el9_1.noarch.rpm autocorr-mn-7.1.8.1-8.el9_1.noarch.rpm autocorr-nl-7.1.8.1-8.el9_1.noarch.rpm autocorr-pl-7.1.8.1-8.el9_1.noarch.rpm autocorr-pt-7.1.8.1-8.el9_1.noarch.rpm autocorr-ro-7.1.8.1-8.el9_1.noarch.rpm autocorr-ru-7.1.8.1-8.el9_1.noarch.rpm autocorr-sk-7.1.8.1-8.el9_1.noarch.rpm autocorr-sl-7.1.8.1-8.el9_1.noarch.rpm autocorr-sr-7.1.8.1-8.el9_1.noarch.rpm autocorr-sv-7.1.8.1-8.el9_1.noarch.rpm autocorr-tr-7.1.8.1-8.el9_1.noarch.rpm autocorr-vi-7.1.8.1-8.el9_1.noarch.rpm autocorr-vro-7.1.8.1-8.el9_1.noarch.rpm autocorr-zh-7.1.8.1-8.el9_1.noarch.rpm libreoffice-data-7.1.8.1-8.el9_1.noarch.rpm libreoffice-opensymbol-fonts-7.1.8.1-8.el9_1.noarch.rpm libreoffice-ure-common-7.1.8.1-8.el9_1.noarch.rpm ppc64le: libreoffice-base-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-calc-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-calc-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-core-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-core-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-debugsource-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-glade-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-graphicfilter-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-graphicfilter-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-gtk3-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-help-en-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-impress-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-impress-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-langpack-en-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-officebean-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-ogltrans-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-ogltrans-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-pdfimport-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-pdfimport-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-postgresql-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-pyuno-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-pyuno-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-sdk-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-ure-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-ure-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-writer-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-writer-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-x11-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-x11-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreofficekit-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm s390x: libreoffice-base-debuginfo-7.1.8.1-8.el9_1.s390x.rpm libreoffice-calc-7.1.8.1-8.el9_1.s390x.rpm libreoffice-calc-debuginfo-7.1.8.1-8.el9_1.s390x.rpm libreoffice-core-7.1.8.1-8.el9_1.s390x.rpm libreoffice-core-debuginfo-7.1.8.1-8.el9_1.s390x.rpm libreoffice-debuginfo-7.1.8.1-8.el9_1.s390x.rpm libreoffice-debugsource-7.1.8.1-8.el9_1.s390x.rpm libreoffice-glade-debuginfo-7.1.8.1-8.el9_1.s390x.rpm libreoffice-graphicfilter-7.1.8.1-8.el9_1.s390x.rpm libreoffice-graphicfilter-debuginfo-7.1.8.1-8.el9_1.s390x.rpm libreoffice-gtk3-debuginfo-7.1.8.1-8.el9_1.s390x.rpm libreoffice-help-en-7.1.8.1-8.el9_1.s390x.rpm libreoffice-impress-7.1.8.1-8.el9_1.s390x.rpm libreoffice-impress-debuginfo-7.1.8.1-8.el9_1.s390x.rpm libreoffice-langpack-en-7.1.8.1-8.el9_1.s390x.rpm libreoffice-officebean-debuginfo-7.1.8.1-8.el9_1.s390x.rpm libreoffice-ogltrans-7.1.8.1-8.el9_1.s390x.rpm libreoffice-ogltrans-debuginfo-7.1.8.1-8.el9_1.s390x.rpm libreoffice-pdfimport-7.1.8.1-8.el9_1.s390x.rpm libreoffice-pdfimport-debuginfo-7.1.8.1-8.el9_1.s390x.rpm libreoffice-postgresql-debuginfo-7.1.8.1-8.el9_1.s390x.rpm libreoffice-pyuno-7.1.8.1-8.el9_1.s390x.rpm libreoffice-pyuno-debuginfo-7.1.8.1-8.el9_1.s390x.rpm libreoffice-sdk-debuginfo-7.1.8.1-8.el9_1.s390x.rpm libreoffice-ure-7.1.8.1-8.el9_1.s390x.rpm libreoffice-ure-debuginfo-7.1.8.1-8.el9_1.s390x.rpm libreoffice-writer-7.1.8.1-8.el9_1.s390x.rpm libreoffice-writer-debuginfo-7.1.8.1-8.el9_1.s390x.rpm libreoffice-x11-debuginfo-7.1.8.1-8.el9_1.s390x.rpm libreofficekit-debuginfo-7.1.8.1-8.el9_1.s390x.rpm x86_64: libreoffice-base-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-base-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-calc-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-calc-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-core-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-core-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-debugsource-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-draw-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-emailmerge-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-filters-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-gdb-debug-support-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-glade-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-graphicfilter-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-graphicfilter-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-gtk3-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-gtk3-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-ar-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-bg-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-bn-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-ca-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-cs-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-da-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-de-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-dz-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-el-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-en-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-eo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-es-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-et-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-eu-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-fi-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-fr-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-gl-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-gu-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-he-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-hi-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-hr-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-hu-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-id-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-it-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-ja-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-ko-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-lt-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-lv-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-nb-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-nl-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-nn-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-pl-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-pt-BR-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-pt-PT-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-ro-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-ru-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-si-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-sk-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-sl-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-sv-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-ta-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-tr-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-uk-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-zh-Hans-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-help-zh-Hant-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-impress-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-impress-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-af-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-ar-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-as-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-bg-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-bn-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-br-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-ca-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-cs-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-cy-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-da-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-de-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-dz-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-el-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-en-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-eo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-es-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-et-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-eu-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-fa-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-fi-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-fr-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-fy-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-ga-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-gl-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-gu-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-he-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-hi-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-hr-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-hu-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-id-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-it-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-ja-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-kk-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-kn-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-ko-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-lt-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-lv-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-mai-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-ml-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-mr-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-nb-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-nl-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-nn-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-nr-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-nso-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-or-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-pa-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-pl-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-pt-BR-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-pt-PT-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-ro-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-ru-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-si-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-sk-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-sl-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-sr-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-ss-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-st-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-sv-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-ta-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-te-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-th-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-tn-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-tr-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-ts-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-uk-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-ve-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-xh-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-zh-Hans-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-zh-Hant-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-langpack-zu-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-math-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-officebean-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-ogltrans-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-ogltrans-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-pdfimport-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-pdfimport-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-postgresql-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-pyuno-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-pyuno-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-sdk-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-ure-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-ure-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-wiki-publisher-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-writer-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-writer-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-x11-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-x11-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-xsltfilter-7.1.8.1-8.el9_1.x86_64.rpm libreofficekit-7.1.8.1-8.el9_1.x86_64.rpm libreofficekit-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm Red Hat CodeReady Linux Builder (v.9): ppc64le: libreoffice-base-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-calc-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-core-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-debugsource-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-glade-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-graphicfilter-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-gtk3-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-impress-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-officebean-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-ogltrans-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-pdfimport-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-postgresql-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-pyuno-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-sdk-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-sdk-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-sdk-doc-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-ure-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-writer-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreoffice-x11-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm libreofficekit-debuginfo-7.1.8.1-8.el9_1.ppc64le.rpm x86_64: libreoffice-base-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-calc-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-core-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-debugsource-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-glade-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-graphicfilter-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-gtk3-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-impress-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-officebean-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-ogltrans-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-pdfimport-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-postgresql-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-pyuno-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-sdk-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-sdk-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-sdk-doc-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-ure-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-writer-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreoffice-x11-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm libreofficekit-debuginfo-7.1.8.1-8.el9_1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2022-3140 https://access.redhat.com/security/cve/CVE-2022-26305 https://access.redhat.com/security/cve/CVE-2022-26306 https://access.redhat.com/security/cve/CVE-2022-26307 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY863HtzjgjWX9erEAQgCTQ/9FEn7GH1JnzpuDejya+4Im5HlNheyHo0l brHHyVD4H1kpp4t0bNGGD80jHX6V1GA/zv17gfalzVrUsGV6CDKxHFgdPCmDHIwW lx1cfgQfBcYDVVoc7JkPYdf/VKYNQd66GQBv652JJHuyrmQlpLug6NJx8a7aLu3a ITbAwwynoZMRlX9zK3ZJBUbpGHAeqtkB5QgfPxH2ZkK7FDVT0B/yTU3D9BdTKsl8 urwg9Evu1Ey+YxXeOmtQTLrBa7MbgLUMlKzDzcTUslKQIcf1YrcxbcWcWK+iaBqh YkD2L/vGBKaCU5mRNYpeLBr71KNCFa+ev85zpspeBIEQdSNsQeO7lkPLjHRYfpLI wf8KEIfOleqHS0AyAYvr3kMJpwx6hRQZZgRcCtn1bhCDNJTeVS4p/iHMQc6nnp6d 8jxf02Kpfp+fFfiyP+q1/0AQJ0B2tcQIhzR+PSFZ5+Gh0t53/2crbhtCuYtbn60r sjkokGalHZPJEelJfbdIErDkTlJVE1/hESi1s103RotXVsI/KNxC4s2VAld/rBQK dR1Mz/nH6jnKVNqop2b4MX66tQtGyw0dInatNWQjo024Xs2KG4V4nafv2YGfd+Ro h08npPjYoieDMKfVgybKkr/RIx4RSjWs6DrixeGhNHUYSwx/I/LvCYwMgA4A+F39 KdMt2mNRH2w=jIFg -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Jan 23, 2023
Red Hat
197
security advisorygnupgdebianDebian 9 Stretch DLA-2948-1: Refresh GnuPG Archive Signing Keys
debian-archive-keyring is a package containing GnuPG archive keys of the Debian archive. New GPG-keys are being constantly added with every new Debian release. . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2948-1
Mar 13, 2022
•Informational
Debian LTS
89
security advisoryfedoracriticalFedora 34: FEDORA-2021-33f8ebd09c Critical: OpenCryptoki Key Security
When constructing an OpenSSL EC public or private key from PKCS#11 attributes or ECDH public data, check that the key is valid, i.e. that the point is on the curve. This prevents one from creating an EC key object via C_CreateObject with invalid key data. It also prevents C_DeriveKey to derive a secret using ECDH with an EC public key (public data) that uses a different curve or is invalid by. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-33f8ebd09c 2021-09-02 23:45:36.565238 --------------------------------------------------------------------------------Name : opencryptoki Product : Fedora 34 Version : 3.16.0 Release : 2.fc34 URL : https://github.com/opencryptoki/opencryptoki Summary : Implementation of the PKCS#11 (Cryptoki) specification v2.11 Description : Opencryptoki implements the PKCS#11 specification v2.11 for a set of cryptographic hardware, such as IBM 4764 and 4765 crypto cards, and the Trusted Platform Module (TPM) chip. Opencryptoki also brings a software token implementation that can be used without any cryptographic hardware. This package contains the Slot Daemon (pkcsslotd) and general utilities. --------------------------------------------------------------------------------Update Information: When constructing an OpenSSL EC public or private key from PKCS#11 attributes or ECDH public data, check that the key is valid, i.e. that the point is on the curve. This prevents one from creating an EC key object via C_CreateObject with invalid key data. It also prevents C_DeriveKey to derive a secret using ECDH with an EC public key (public data) that uses a different curve or is invalid by other means. The problem is fixed in opencryptoki-3.16.0-2 --------------------------------------------------------------------------------ChangeLog: * Tue Aug 24 2021 Than Ngo - 3.16.0-2 - Fixed bz#1990592, allows invalid curve attacks via a specially craftedkey --------------------------------------------------------------------------------References: [ 1 ] Bug #1990591 - opencryptoki: allows invalid curve attacks via a specially crafted key https://bugzilla.redhat.com/show_bug.cgi?id=1990591 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-33f8ebd09c' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Sep 02, 2021
•Critical
Fedora
203
security advisorymoderateremote accessMageia: 2021-0189 Moderate: OpenSSH Remote Access Vulnerability
An attacker may use Thunderbird's OpenPGP key refresh mechanism to poison an existing key (CVE-2021-23991). A crafted OpenPGP key with an invalid user ID could be used to confuse the user (MOZ-2021-23992). . MGASA-2021-0189 - Updated thunderbird packages fix security vulnerabilities Publication date: 15 Apr 2021 URL: https://advisories.mageia.org/MGASA-2021-0189.html Type: security Affected Mageia releases: 7, 8 CVE: CVE-2021-23991, CVE-2021-23993 An attacker may use Thunderbird's OpenPGP key refresh mechanism to poison an existing key (CVE-2021-23991). A crafted OpenPGP key with an invalid user ID could be used to confuse the user (MOZ-2021-23992). Inability to send encrypted OpenPGP email after importing a crafted OpenPGP key (CVE-2021-23993). References: - https://bugs.mageia.org/show_bug.cgi?id=28764 - https://www.mozilla.org/en-US/security/advisories/mfsa2021-13/ - https://www.thunderbird.net/en-US/thunderbird/78.9.1/releasenotes/ - https://www.cve.org/CVERecord?id=CVE-2021-23991 - https://www.cve.org/CVERecord?id=CVE-2021-23993 SRPMS: - 7/core/thunderbird-78.9.1-1.mga7 - 7/core/thunderbird-l10n-78.9.1-1.mga7 - 8/core/thunderbird-78.9.1-1.mga8 - 8/core/thunderbird-l10n-78.9.1-1.mga8 . Latest Thunderbird releases address significant vulnerabilities affecting password safeguarding and secure communication protocols.. Thunderbird Security,Mageia Updates,OpenPGP Threats,Email Encryption Risks. . LinuxSecurity.com Team
Apr 15, 2021
Mageia
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!