--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-b626e83a45
2026-05-26 01:20:50.020972+00:00
--------------------------------------------------------------------------------

Name        : bind-dyndb-ldap
Product     : Fedora 43
Version     : 11.11
Release     : 13.fc43
URL         : https://releases.pagure.org/bind-dyndb-ldap
Summary     : LDAP back-end plug-in for BIND
Description :
This package provides an LDAP back-end plug-in for BIND. It features
support for dynamic updates and internal caching, to lift the load
off of your LDAP server.

--------------------------------------------------------------------------------
Update Information:

Update to 9.18.49 (rhbz#2480121)

Security Fixes:
  Limit resolver server list size. (CVE-2026-3592)
  Fix GSS-API resource leak. (CVE-2026-3039)
  Disable recursion, UPDATE, and NOTIFY for non-IN views. (CVE-2026-5946)
  Avoid unbounded recursion loop. (CVE-2026-5950)
  Fix outgoing zone transfers' quota issue.

Feature Changes:
  Fix CPU spikes and slow queries when cache approaches memory limit.

Bug Fixes:
  Fix named crash when processing SIG records in dynamic updates.
  Fix rndc modzone behavior for a zone in named.conf.
  Fix zone verification of NSEC3 signed zones.
  Prevent a crash when using both dns64 and filter-aaaa.
  Fixed an assertion failure when processing catalog zones.
  Prevent malicious DNSSEC zones from exhausting validator CPU.
  Fix rndc-confgen aborting on HMAC-SHA-384/512 keys above 512 bits.
  Prevent crafted queries from degrading RRL performance.
  Fix a bug in allow-query/allow-transfer catalog zone custom properties.
  Fix a memory leak issue in catalog zones.
  Fix suppressed missing-glue check in named-checkzone.
  Reject record sets too large to serve in DNS.

Source: https://downloads.isc.org/isc/bind9/9.18.49/doc/arm/html/notes.html#notes-for-bind-9-18-49
--------------------------------------------------------------------------------
ChangeLog:

* Wed May 20 2026 Petr Menšík - 11.11-13
- Rebuilt for BIND 9.18.49 (rhbz#2480121)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2480121 - bind-9.18.49 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2480121
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2026-b626e83a45' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

Fedora 43 bind-dyndb-ldap update 2026-b626e83a45 with critical security fixes for multiple issues.
Severity: Important.
LinuxSecurity.com Team

MGASA-2026-0142 - Updated samba packages fix security vulnerabilities

Publication date: 16 May 2026
URL: https://advisories.mageia.org/MGASA-2026-0142.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2018-14628, CVE-2025-10230, CVE-2025-9640

Description:
An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store. (CVE-2018-14628)
Command injection in wins server hook script. (CVE-2025-10230)
vfs_streams_xattr uninitialized memory write possible. (CVE-2025-9640)

References:
- https://bugs.mageia.org/show_bug.cgi?id=34672
- https://www.openwall.com/lists/oss-security/2025/10/15/2
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14628
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10230
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9640

SRPMS:
- 9/core/samba-4.17.12-1.2.mga9

Mageia security advisory 2026-0142 highlights Samba package vulnerabilities and provides fixes for critical issues.
Severity: Important.
LinuxSecurity.com Team

Moderate: 389-ds:1.4 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:5513", "synopsis": "Moderate: 389-ds:1.4 security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for module.389-ds-base, 389-ds-base.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. \n\nSecurity Fix(es):\n\n* 389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow (CVE-2025-14905)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2423624", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2423624", "description": ""}], "cves": [{"name": "CVE-2025-14905", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-14905", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.2", "cwe": "CWE-122"}], "references": [], "publishedAt": "2026-04-07T00:01:14.755526Z", "rpms": {"Rocky Linux 8": {"nvras": ["389-ds-base-0:1.4.3.39-23.module+el8.10.0+40135+69dd2a79.aarch64.rpm", "389-ds-base-0:1.4.3.39-23.module+el8.10.0+40135+69dd2a79.src.rpm", "389-ds-base-0:1.4.3.39-23.module+el8.10.0+40135+69dd2a79.x86_64.rpm", "389-ds-base-debuginfo-0:1.4.3.39-23.module+el8.10.0+40135+69dd2a79.aarch64.rpm", "389-ds-base-debuginfo-0:1.4.3.39-23.module+el8.10.0+40135+69dd2a79.x86_64.rpm", 
"389-ds-base-debugsource-0:1.4.3.39-23.module+el8.10.0+40135+69dd2a79.aarch64.rpm","389-ds-base-debugsource-0:1.4.3.39-23.module+el8.10.0+40135+69dd2a79.x86_64.rpm", "389-ds-base-devel-0:1.4.3.39-23.module+el8.10.0+40135+69dd2a79.aarch64.rpm", "389-ds-base-devel-0:1.4.3.39-23.module+el8.10.0+40135+69dd2a79.x86_64.rpm", "389-ds-base-legacy-tools-0:1.4.3.39-23.module+el8.10.0+40135+69dd2a79.aarch64.rpm", "389-ds-base-legacy-tools-0:1.4.3.39-23.module+el8.10.0+40135+69dd2a79.x86_64.rpm", "389-ds-base-legacy-tools-debuginfo-0:1.4.3.39-23.module+el8.10.0+40135+69dd2a79.aarch64.rpm", "389-ds-base-legacy-tools-debuginfo-0:1.4.3.39-23.module+el8.10.0+40135+69dd2a79.x86_64.rpm", "389-ds-base-libs-0:1.4.3.39-23.module+el8.10.0+40135+69dd2a79.aarch64.rpm", "389-ds-base-libs-0:1.4.3.39-23.module+el8.10.0+40135+69dd2a79.x86_64.rpm", "389-ds-base-libs-debuginfo-0:1.4.3.39-23.module+el8.10.0+40135+69dd2a79.aarch64.rpm", "389-ds-base-libs-debuginfo-0:1.4.3.39-23.module+el8.10.0+40135+69dd2a79.x86_64.rpm", "389-ds-base-snmp-0:1.4.3.39-23.module+el8.10.0+40135+69dd2a79.aarch64.rpm", "389-ds-base-snmp-0:1.4.3.39-23.module+el8.10.0+40135+69dd2a79.x86_64.rpm", "389-ds-base-snmp-debuginfo-0:1.4.3.39-23.module+el8.10.0+40135+69dd2a79.aarch64.rpm", "389-ds-base-snmp-debuginfo-0:1.4.3.39-23.module+el8.10.0+40135+69dd2a79.x86_64.rpm", "python3-lib389-0:1.4.3.39-23.module+el8.10.0+40135+69dd2a79.noarch.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. A moderate security update for 389-ds in Rocky Linux addresses remote execution and denial of service concerns.. Rocky Linux, 389-ds, remote execution, buffer overflow, ldap. . LinuxSecurity.com Team
Moderate: 389-ds-base security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:3208", "synopsis": "Moderate: 389-ds-base security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for 389-ds-base.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.\n\nSecurity Fix(es):\n\n* 389-ds-base: 389-ds-base: Remote Code Execution and Denial of Service via heap buffer overflow (CVE-2025-14905)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2423624", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2423624", "description": ""}], "cves": [{"name": "CVE-2025-14905", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2025-14905", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.2", "cwe": "CWE-122"}], "references": [], "publishedAt": "2026-02-26T20:47:54.095478Z", "rpms": {"Rocky Linux 10": {"nvras": ["389-ds-base-debugsource-0:3.1.3-7.el10_1.ppc64le.rpm", "389-ds-base-bdb-debuginfo-0:3.1.3-7.el10_1.s390x.rpm", "389-ds-base-bdb-0:3.1.3-7.el10_1.s390x.rpm", "389-ds-base-0:3.1.3-7.el10_1.x86_64.rpm", "389-ds-base-bdb-0:3.1.3-7.el10_1.x86_64.rpm", "389-ds-base-libs-0:3.1.3-7.el10_1.aarch64.rpm", "389-ds-base-debugsource-0:3.1.3-7.el10_1.s390x.rpm", "389-ds-base-devel-0:3.1.3-7.el10_1.aarch64.rpm", "389-ds-base-debuginfo-0:3.1.3-7.el10_1.x86_64.rpm", 
"389-ds-base-debugsource-0:3.1.3-7.el10_1.aarch64.rpm","389-ds-base-bdb-debuginfo-0:3.1.3-7.el10_1.ppc64le.rpm", "389-ds-base-snmp-debuginfo-0:3.1.3-7.el10_1.aarch64.rpm", "389-ds-base-libs-0:3.1.3-7.el10_1.s390x.rpm", "389-ds-base-libs-0:3.1.3-7.el10_1.x86_64.rpm", "389-ds-base-libs-debuginfo-0:3.1.3-7.el10_1.x86_64.rpm", "389-ds-base-debugsource-0:3.1.3-7.el10_1.x86_64.rpm", "389-ds-base-0:3.1.3-7.el10_1.src.rpm", "389-ds-base-devel-0:3.1.3-7.el10_1.s390x.rpm", "389-ds-base-snmp-0:3.1.3-7.el10_1.s390x.rpm", "389-ds-base-libs-debuginfo-0:3.1.3-7.el10_1.s390x.rpm", "389-ds-base-snmp-0:3.1.3-7.el10_1.x86_64.rpm", "389-ds-base-libs-debuginfo-0:3.1.3-7.el10_1.aarch64.rpm", "389-ds-base-0:3.1.3-7.el10_1.ppc64le.rpm", "389-ds-base-debuginfo-0:3.1.3-7.el10_1.ppc64le.rpm", "389-ds-base-bdb-0:3.1.3-7.el10_1.ppc64le.rpm", "389-ds-base-devel-0:3.1.3-7.el10_1.x86_64.rpm", "389-ds-base-libs-0:3.1.3-7.el10_1.ppc64le.rpm", "389-ds-base-snmp-0:3.1.3-7.el10_1.ppc64le.rpm", "389-ds-base-snmp-debuginfo-0:3.1.3-7.el10_1.s390x.rpm", "389-ds-base-devel-0:3.1.3-7.el10_1.ppc64le.rpm", "389-ds-base-bdb-debuginfo-0:3.1.3-7.el10_1.x86_64.rpm", "389-ds-base-debuginfo-0:3.1.3-7.el10_1.aarch64.rpm", "python3-lib389-0:3.1.3-7.el10_1.noarch.rpm", "389-ds-base-bdb-debuginfo-0:3.1.3-7.el10_1.aarch64.rpm", "389-ds-base-0:3.1.3-7.el10_1.aarch64.rpm", "389-ds-base-snmp-debuginfo-0:3.1.3-7.el10_1.x86_64.rpm", "389-ds-base-snmp-0:3.1.3-7.el10_1.aarch64.rpm", "389-ds-base-libs-debuginfo-0:3.1.3-7.el10_1.ppc64le.rpm", "389-ds-base-snmp-debuginfo-0:3.1.3-7.el10_1.ppc64le.rpm", "389-ds-base-debuginfo-0:3.1.3-7.el10_1.s390x.rpm", "389-ds-base-bdb-0:3.1.3-7.el10_1.aarch64.rpm", "389-ds-base-0:3.1.3-7.el10_1.s390x.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. 389-ds-base security update for Rocky Linux addresses moderate risk including remote code execution and denial of service.. Rocky Linux security update, 389-ds-base fix, LDAP server security. . LinuxSecurity.com Team
# Security update for pgadmin4

Announcement ID: SUSE-SU-2026:0015-1
Release Date: 2026-01-05T10:41:14Z
Rating: important

References:

  * bsc#1253477
  * bsc#1253478

Cross-References:

  * CVE-2025-12764
  * CVE-2025-12765

CVSS scores:

  * CVE-2025-12764 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-12764 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-12764 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2025-12765 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-12765 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
  * CVE-2025-12765 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  * CVE-2025-12765 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected Products:

  * openSUSE Leap 15.6
  * Python 3 Module 15-SP7
  * SUSE Linux Enterprise Desktop 15 SP7
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server 15 SP6 LTSS
  * SUSE Linux Enterprise Server 15 SP7
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves two vulnerabilities can now be installed.

## Description:

This update for pgadmin4 fixes the following issues:

  * CVE-2025-12765: insufficient checks in the LDAP authentication flow allow for a bypass of TLS certificate validation that can lead to the stealing of bind credentials and the altering of directory responses (bsc#1253478).
  * CVE-2025-12764: improper validation of characters in a username allows for LDAP injections that force the processing of unusual amounts of data and leads to a DoS (bsc#1253477).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6
    zypper in -t patch SUSE-2026-15=1 openSUSE-SLE-15.6-2026-15=1
  * Python 3 Module 15-SP7
    zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-15=1
  * SUSE Linux Enterprise Server 15 SP6 LTSS
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-15=1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-15=1

## Package List:

  * openSUSE Leap 15.6 (noarch)
    * pgadmin4-8.5-150600.3.18.1
    * pgadmin4-web-uwsgi-8.5-150600.3.18.1
    * pgadmin4-desktop-8.5-150600.3.18.1
    * pgadmin4-cloud-8.5-150600.3.18.1
    * pgadmin4-doc-8.5-150600.3.18.1
    * system-user-pgadmin-8.5-150600.3.18.1
  * Python 3 Module 15-SP7 (noarch)
    * system-user-pgadmin-8.5-150600.3.18.1
    * pgadmin4-8.5-150600.3.18.1
    * pgadmin4-doc-8.5-150600.3.18.1
  * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch)
    * system-user-pgadmin-8.5-150600.3.18.1
    * pgadmin4-8.5-150600.3.18.1
    * pgadmin4-doc-8.5-150600.3.18.1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch)
    * system-user-pgadmin-8.5-150600.3.18.1
    * pgadmin4-8.5-150600.3.18.1
    * pgadmin4-doc-8.5-150600.3.18.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-12764.html
  * https://www.suse.com/security/cve/CVE-2025-12765.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1253477
  * https://bugzilla.suse.com/show_bug.cgi?id=1253478

This update for pgadmin4 addresses significant issues including DoS and LDAP authentication flaws in openSUSE.
Severity: Important.
LinuxSecurity.com Team

Oracle Linux Security Advisory ELSA-2025-7508

http://linux.oracle.com/errata/ELSA-2025-7508.html

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

x86_64:
java-21-openjdk-21.0.7.0.6-1.0.1.el10.x86_64.rpm
java-21-openjdk-demo-21.0.7.0.6-1.0.1.el10.x86_64.rpm
java-21-openjdk-demo-fastdebug-21.0.7.0.6-1.0.1.el10.x86_64.rpm
java-21-openjdk-demo-slowdebug-21.0.7.0.6-1.0.1.el10.x86_64.rpm
java-21-openjdk-devel-21.0.7.0.6-1.0.1.el10.x86_64.rpm
java-21-openjdk-devel-fastdebug-21.0.7.0.6-1.0.1.el10.x86_64.rpm
java-21-openjdk-devel-slowdebug-21.0.7.0.6-1.0.1.el10.x86_64.rpm
java-21-openjdk-fastdebug-21.0.7.0.6-1.0.1.el10.x86_64.rpm
java-21-openjdk-headless-21.0.7.0.6-1.0.1.el10.x86_64.rpm
java-21-openjdk-headless-fastdebug-21.0.7.0.6-1.0.1.el10.x86_64.rpm
java-21-openjdk-headless-slowdebug-21.0.7.0.6-1.0.1.el10.x86_64.rpm
java-21-openjdk-javadoc-21.0.7.0.6-1.0.1.el10.x86_64.rpm
java-21-openjdk-javadoc-zip-21.0.7.0.6-1.0.1.el10.x86_64.rpm
java-21-openjdk-jmods-21.0.7.0.6-1.0.1.el10.x86_64.rpm
java-21-openjdk-jmods-fastdebug-21.0.7.0.6-1.0.1.el10.x86_64.rpm
java-21-openjdk-jmods-slowdebug-21.0.7.0.6-1.0.1.el10.x86_64.rpm
java-21-openjdk-slowdebug-21.0.7.0.6-1.0.1.el10.x86_64.rpm
java-21-openjdk-src-21.0.7.0.6-1.0.1.el10.x86_64.rpm
java-21-openjdk-src-fastdebug-21.0.7.0.6-1.0.1.el10.x86_64.rpm
java-21-openjdk-src-slowdebug-21.0.7.0.6-1.0.1.el10.x86_64.rpm
java-21-openjdk-static-libs-21.0.7.0.6-1.0.1.el10.x86_64.rpm
java-21-openjdk-static-libs-fastdebug-21.0.7.0.6-1.0.1.el10.x86_64.rpm
java-21-openjdk-static-libs-slowdebug-21.0.7.0.6-1.0.1.el10.x86_64.rpm

aarch64:
java-21-openjdk-21.0.7.0.6-1.0.1.el10.aarch64.rpm
java-21-openjdk-demo-21.0.7.0.6-1.0.1.el10.aarch64.rpm
java-21-openjdk-demo-fastdebug-21.0.7.0.6-1.0.1.el10.aarch64.rpm
java-21-openjdk-demo-slowdebug-21.0.7.0.6-1.0.1.el10.aarch64.rpm
java-21-openjdk-devel-21.0.7.0.6-1.0.1.el10.aarch64.rpm
java-21-openjdk-devel-fastdebug-21.0.7.0.6-1.0.1.el10.aarch64.rpm
java-21-openjdk-devel-slowdebug-21.0.7.0.6-1.0.1.el10.aarch64.rpm
java-21-openjdk-fastdebug-21.0.7.0.6-1.0.1.el10.aarch64.rpm
java-21-openjdk-headless-21.0.7.0.6-1.0.1.el10.aarch64.rpm
java-21-openjdk-headless-fastdebug-21.0.7.0.6-1.0.1.el10.aarch64.rpm
java-21-openjdk-headless-slowdebug-21.0.7.0.6-1.0.1.el10.aarch64.rpm
java-21-openjdk-javadoc-21.0.7.0.6-1.0.1.el10.aarch64.rpm
java-21-openjdk-javadoc-zip-21.0.7.0.6-1.0.1.el10.aarch64.rpm
java-21-openjdk-jmods-21.0.7.0.6-1.0.1.el10.aarch64.rpm
java-21-openjdk-jmods-fastdebug-21.0.7.0.6-1.0.1.el10.aarch64.rpm
java-21-openjdk-jmods-slowdebug-21.0.7.0.6-1.0.1.el10.aarch64.rpm
java-21-openjdk-slowdebug-21.0.7.0.6-1.0.1.el10.aarch64.rpm
java-21-openjdk-src-21.0.7.0.6-1.0.1.el10.aarch64.rpm
java-21-openjdk-src-fastdebug-21.0.7.0.6-1.0.1.el10.aarch64.rpm
java-21-openjdk-src-slowdebug-21.0.7.0.6-1.0.1.el10.aarch64.rpm
java-21-openjdk-static-libs-21.0.7.0.6-1.0.1.el10.aarch64.rpm
java-21-openjdk-static-libs-fastdebug-21.0.7.0.6-1.0.1.el10.aarch64.rpm
java-21-openjdk-static-libs-slowdebug-21.0.7.0.6-1.0.1.el10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol10/SRPMS-updates/java-21-openjdk-21.0.7.0.6-1.0.1.el10.src.rpm

Related CVEs:
CVE-2025-21587
CVE-2025-30691
CVE-2025-30698

Description of changes:

[1:21.0.7.0.6-1.0.1]
- Add Oracle vendor bug URL [Orabug: 34340155]

[1:21.0.7.0.6-1]
- Update to jdk-21.0.7+6 (GA)
- Update release notes to 21.0.7+6
- Rebase FIPS support against 21.0.7+5
- Require tzdata 2025a due to upstream inclusion of JDK-8347965
- ** This tarball is embargoed until 2025-04-15 @ 1pm PT. **
- Resolves: RHEL-86986
- Resolves: RHEL-86636

This update fixes multiple vulnerabilities in 389-ds-base LDAP server. CVE-2021-3652.

-------------------------------------------------------------------------
Debian LTS Advisory DLA-4021-1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: redhat-ds:11 security, bug fix, and enhancement update
Advisory ID:       RHSA-2023:4655-01
Product:           Red Hat Directory Server
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4655
Issue date:        2023-08-15
CVE Names:         CVE-2023-1055
=====================================================================

1. Summary:

An update for the redhat-ds:11 module is now available for Red Hat Directory Server 11.6 for RHEL 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Directory Server 11.6 for RHEL 8 - noarch, x86_64

3. Description:

Red Hat Directory Server is an LDAPv3-compliant directory server. The suite of packages includes the Lightweight Directory Access Protocol (LDAP) server, as well as command-line utilities and Web UI packages for server administration.

Security Fix(es):

* RHDS: LDAP browser tries to decode userPassword instead of userCertificate attribute (CVE-2023-1055)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Users of Red Hat Directory Server 11 are advised to upgrade to these updated packages.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2168719 - lib389 password policy DN handling is incorrect
2173517 - CVE-2023-1055 RHDS: LDAP browser tries to decode userPassword instead of userCertificate attribute

6. Package List:

Red Hat Directory Server 11.6 for RHEL 8:

Source:
389-ds-base-1.4.3.34-1.module+el8dsrv+18380+8350b80e.src.rpm

noarch:
cockpit-389-ds-1.4.3.34-1.module+el8dsrv+18380+8350b80e.noarch.rpm
python3-lib389-1.4.3.34-1.module+el8dsrv+18380+8350b80e.noarch.rpm

x86_64:
389-ds-base-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm
389-ds-base-debuginfo-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm
389-ds-base-debugsource-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm
389-ds-base-devel-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm
389-ds-base-legacy-tools-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm
389-ds-base-legacy-tools-debuginfo-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm
389-ds-base-libs-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm
389-ds-base-libs-debuginfo-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm
389-ds-base-snmp-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm
389-ds-base-snmp-debuginfo-1.4.3.34-1.module+el8dsrv+18380+8350b80e.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from
https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2023-1055
https://access.redhat.com/security/updates/classification#moderate
https://access.redhat.com/security/cve/CVE-2023-1055

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact

Copyright 2023 Red Hat, Inc.