Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 3 articles for you...
219
security advisorymoderateupdateRocky Linux 8 RLSA-2023-7046 python38 Major Security Alert Notice
Moderate: python27:2.7 security and bug fix update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2023:7042", "synopsis": "Moderate: python27:2.7 security and bug fix update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for python-mock, module.python-sqlalchemy, python-backports-ssl_match_hostname, python-attrs, python-chardet, python2-rpm-macros, module.numpy, module.python-mock, python-pymongo, python-markupsafe, python-psycopg2, python2-six, module.python-funcsigs, module.python-pygments, module.pytz, python-coverage, module.python-chardet, module.python-pluggy, module.python-virtualenv, module.python-PyMySQL, python-PyMySQL, module.python-dns, module.python-nose, python-pysocks, python-funcsigs, scipy, module.python-pytest-mock, module.python-attrs, numpy, python-wheel, PyYAML, module.python-docs, module.python-setuptools_scm, module.python-backports-ssl_match_hostname, babel, python-idna, python2-pip, module.python-wheel, module.python-ipaddress, module.python-markupsafe, module.python-psycopg2, python-requests, module.scipy, module.PyYAML, python-nose, module.Cython, module.python-lxml, python-sqlalchemy, module.python2-pip, python-dns, pytest, module.python-backports, module.python-coverage, module.babel, python-pluggy, module.python-docutils, module.python-requests, python-pygments, module.python-pymongo, module.python2-six, module.python-pysocks, pytz, python-docs, python-backports, python-py, python-lxml, python-pytest-mock, module.pytest, python-setuptools_scm, module.python-idna, module.python-py, python-ipaddress, Cython, module.python2-rpm-macros, python-docutils.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages providea stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL.\n\nSecurity Fix(es):\n\n* python-requests: Unintended leak of Proxy-Authorization header (CVE-2023-32681)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Rocky Linux 8.9 Release Notes linked from the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2209469", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2209469", "description": ""}], "cves": [{"name": "CVE-2023-32681", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2023-32681", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-402"}], "references": [], "publishedAt": "2026-03-18T06:01:13.733535Z", "rpms": {"Rocky Linux 8": {"nvras": ["babel-0:2.5.1-10.module+el8.9.0+1531+a18208f5.noarch.rpm", "babel-0:2.5.1-10.module+el8.9.0+1531+a18208f5.src.rpm", "Cython-0:0.28.1-7.module+el8.9.0+1531+a18208f5.src.rpm", "Cython-debugsource-0:0.28.1-7.module+el8.9.0+1531+a18208f5.aarch64.rpm", "Cython-debugsource-0:0.28.1-7.module+el8.9.0+1531+a18208f5.x86_64.rpm", "numpy-1:1.14.2-16.module+el8.9.0+1531+a18208f5.src.rpm", "numpy-debugsource-1:1.14.2-16.module+el8.9.0+1531+a18208f5.aarch64.rpm", "numpy-debugsource-1:1.14.2-16.module+el8.9.0+1531+a18208f5.x86_64.rpm", "pytest-0:3.4.2-13.module+el8.9.0+1531+a18208f5.src.rpm", "python2-attrs-0:17.4.0-10.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-babel-0:2.5.1-10.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-backports-0:1.0-16.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-backports-0:1.0-16.module+el8.9.0+1531+a18208f5.x86_64.rpm","python2-backports-ssl_match_hostname-0:3.5.0.1-12.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-bson-0:3.7.0-1.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-bson-0:3.7.0-1.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-bson-debuginfo-0:3.7.0-1.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-bson-debuginfo-0:3.7.0-1.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-chardet-0:3.0.4-10.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-coverage-0:4.5.1-5.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python2-coverage-0:4.5.1-5.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python2-nose-0:1.3.7-31.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-coverage-debuginfo-0:4.5.1-5.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python2-coverage-debuginfo-0:4.5.1-5.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python2-Cython-0:0.28.1-7.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-Cython-0:0.28.1-7.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-Cython-debuginfo-0:0.28.1-7.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-Cython-debuginfo-0:0.28.1-7.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-dns-0:1.15.0-10.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-docs-0:2.7.16-2.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-docs-info-0:2.7.16-2.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-docutils-0:0.14-12.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-funcsigs-0:1.0.2-13.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-idna-0:2.5-7.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-ipaddress-0:1.0.18-6.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-lxml-0:4.2.3-6.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-lxml-0:4.2.3-6.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-lxml-debuginfo-0:4.2.3-6.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-lxml-debuginfo-0:4.2.3-6.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-markupsafe-0:0.23-19.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-markupsafe-0:0.23-19.module+el8.9.0+1531+a18208f5.x86_64.rpm","python2-mock-0:2.0.0-13.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-numpy-1:1.14.2-16.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-numpy-1:1.14.2-16.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-numpy-debuginfo-1:1.14.2-16.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-numpy-debuginfo-1:1.14.2-16.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-numpy-doc-1:1.14.2-16.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-numpy-f2py-1:1.14.2-16.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-numpy-f2py-1:1.14.2-16.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-pip-0:9.0.3-19.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-pip-0:9.0.3-19.module+el8.9.0+1531+a18208f5.src.rpm", "python2-pip-wheel-0:9.0.3-19.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-pluggy-0:0.6.0-8.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-psycopg2-0:2.7.5-8.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python2-psycopg2-0:2.7.5-8.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python2-psycopg2-debug-0:2.7.5-8.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python2-psycopg2-debug-0:2.7.5-8.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python2-psycopg2-debug-debuginfo-0:2.7.5-8.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python2-psycopg2-debug-debuginfo-0:2.7.5-8.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python2-psycopg2-debuginfo-0:2.7.5-8.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python2-psycopg2-debuginfo-0:2.7.5-8.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python2-psycopg2-tests-0:2.7.5-8.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python2-psycopg2-tests-0:2.7.5-8.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python2-py-0:1.5.3-6.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-pygments-0:2.2.0-22.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-pymongo-0:3.7.0-1.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-pymongo-0:3.7.0-1.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-pymongo-debuginfo-0:3.7.0-1.module+el8.9.0+1531+a18208f5.aarch64.rpm","python2-pymongo-debuginfo-0:3.7.0-1.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-pymongo-gridfs-0:3.7.0-1.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-pymongo-gridfs-0:3.7.0-1.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-PyMySQL-0:0.8.0-10.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-pysocks-0:1.6.8-6.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-pytest-0:3.4.2-13.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-pytest-mock-0:1.9.0-4.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-pytz-0:2017.2-13.module+el8.10.0+1817+0b01df83.noarch.rpm", "python2-pyyaml-0:3.12-16.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-pyyaml-0:3.12-16.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-pyyaml-debuginfo-0:3.12-16.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-pyyaml-debuginfo-0:3.12-16.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-requests-0:2.20.0-4.module+el8.10.0+1817+0b01df83.noarch.rpm", "python2-rpm-macros-0:3-38.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-rpm-macros-0:3-38.module+el8.9.0+1531+a18208f5.src.rpm", "python2-scipy-0:1.0.0-22.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python2-scipy-0:1.0.0-22.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python2-scipy-debuginfo-0:1.0.0-22.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python2-scipy-debuginfo-0:1.0.0-22.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python2-setuptools_scm-0:1.15.7-6.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-six-0:1.11.0-6.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-six-0:1.11.0-6.module+el8.9.0+1531+a18208f5.src.rpm", "python2-sqlalchemy-0:1.3.2-2.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-sqlalchemy-0:1.3.2-2.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-wheel-1:0.31.1-3.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-wheel-wheel-1:0.31.1-3.module+el8.9.0+1531+a18208f5.noarch.rpm", "python-attrs-0:17.4.0-10.module+el8.9.0+1531+a18208f5.src.rpm", "python-backports-0:1.0-16.module+el8.9.0+1531+a18208f5.src.rpm","python-backports-ssl_match_hostname-0:3.5.0.1-12.module+el8.9.0+1531+a18208f5.src.rpm", "python-chardet-0:3.0.4-10.module+el8.9.0+1531+a18208f5.src.rpm", "python-coverage-0:4.5.1-5.module+el8.10.0+1817+0b01df83.src.rpm", "python-coverage-debugsource-0:4.5.1-5.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python-coverage-debugsource-0:4.5.1-5.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python-dns-0:1.15.0-10.module+el8.9.0+1531+a18208f5.src.rpm", "python-docs-0:2.7.16-2.module+el8.9.0+1531+a18208f5.src.rpm", "python-docutils-0:0.14-12.module+el8.10.0+1592+61442852.src.rpm", "python-docutils-0:0.14-12.module+el8.10.0+1910+234ad790.src.rpm", "python-docutils-0:0.14-12.module+el8.9.0+1531+a18208f5.src.rpm", "python-funcsigs-0:1.0.2-13.module+el8.9.0+1531+a18208f5.src.rpm", "python-idna-0:2.5-7.module+el8.9.0+1531+a18208f5.src.rpm", "python-ipaddress-0:1.0.18-6.module+el8.9.0+1531+a18208f5.src.rpm", "python-lxml-0:4.2.3-6.module+el8.9.0+1531+a18208f5.src.rpm", "python-lxml-debugsource-0:4.2.3-6.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python-lxml-debugsource-0:4.2.3-6.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python-markupsafe-0:0.23-19.module+el8.9.0+1531+a18208f5.src.rpm", "python-mock-0:2.0.0-13.module+el8.9.0+1531+a18208f5.src.rpm", "python-nose-0:1.3.7-31.module+el8.10.0+1910+234ad790.src.rpm", "python-nose-0:1.3.7-31.module+el8.9.0+1531+a18208f5.src.rpm", "python-nose-0:1.3.7-31.module+el8.10.0+1592+61442852.src.rpm", "python-nose-docs-0:1.3.7-31.module+el8.10.0+1910+234ad790.noarch.rpm", "python-nose-docs-0:1.3.7-31.module+el8.10.0+1592+61442852.noarch.rpm", "python-nose-docs-0:1.3.7-31.module+el8.9.0+1531+a18208f5.noarch.rpm", "python-pluggy-0:0.6.0-8.module+el8.9.0+1531+a18208f5.src.rpm", "python-psycopg2-0:2.7.5-8.module+el8.10.0+1817+0b01df83.src.rpm", "python-psycopg2-debuginfo-0:2.7.5-8.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python-psycopg2-debuginfo-0:2.7.5-8.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python-psycopg2-debugsource-0:2.7.5-8.module+el8.10.0+1817+0b01df83.aarch64.rpm","python-psycopg2-debugsource-0:2.7.5-8.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python-psycopg2-doc-0:2.7.5-8.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python-psycopg2-doc-0:2.7.5-8.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python-py-0:1.5.3-6.module+el8.9.0+1531+a18208f5.src.rpm", "python-pygments-0:2.2.0-22.module+el8.10.0+1592+61442852.src.rpm", "python-pygments-0:2.2.0-22.module+el8.10.0+1910+234ad790.src.rpm", "python-pygments-0:2.2.0-22.module+el8.9.0+1531+a18208f5.src.rpm", "python-pymongo-0:3.7.0-1.module+el8.10.0+1910+234ad790.src.rpm", "python-pymongo-0:3.7.0-1.module+el8.9.0+1531+a18208f5.src.rpm", "python-pymongo-0:3.7.0-1.module+el8.10.0+1592+61442852.src.rpm", "python-pymongo-debuginfo-0:3.7.0-1.module+el8.10.0+1592+61442852.aarch64.rpm", "python-pymongo-debuginfo-0:3.7.0-1.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python-pymongo-debuginfo-0:3.7.0-1.module+el8.10.0+1910+234ad790.aarch64.rpm", "python-pymongo-debuginfo-0:3.7.0-1.module+el8.10.0+1592+61442852.x86_64.rpm", "python-pymongo-debuginfo-0:3.7.0-1.module+el8.10.0+1910+234ad790.x86_64.rpm", "python-pymongo-debuginfo-0:3.7.0-1.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python-pymongo-debugsource-0:3.7.0-1.module+el8.10.0+1592+61442852.aarch64.rpm", "python-pymongo-debugsource-0:3.7.0-1.module+el8.10.0+1910+234ad790.aarch64.rpm", "python-pymongo-debugsource-0:3.7.0-1.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python-pymongo-debugsource-0:3.7.0-1.module+el8.10.0+1592+61442852.x86_64.rpm", "python-pymongo-debugsource-0:3.7.0-1.module+el8.10.0+1910+234ad790.x86_64.rpm", "python-pymongo-debugsource-0:3.7.0-1.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python-PyMySQL-0:0.8.0-10.module+el8.9.0+1531+a18208f5.src.rpm", "python-pysocks-0:1.6.8-6.module+el8.9.0+1531+a18208f5.src.rpm", "python-pytest-mock-0:1.9.0-4.module+el8.9.0+1531+a18208f5.src.rpm", "python-requests-0:2.20.0-4.module+el8.10.0+1817+0b01df83.src.rpm", "python-setuptools_scm-0:1.15.7-6.module+el8.9.0+1531+a18208f5.src.rpm","python-sqlalchemy-0:1.3.2-2.module+el8.9.0+1531+a18208f5.src.rpm", "python-sqlalchemy-doc-0:1.3.2-2.module+el8.9.0+1531+a18208f5.noarch.rpm", "python-virtualenv-0:15.1.0-22.module+el8.10.0+1592+61442852.src.rpm", "python-wheel-1:0.31.1-3.module+el8.10.0+1592+61442852.src.rpm", "python-wheel-1:0.31.1-3.module+el8.9.0+1531+a18208f5.src.rpm", "python-wheel-1:0.31.1-3.module+el8.10.0+1910+234ad790.src.rpm", "pytz-0:2017.2-13.module+el8.10.0+1817+0b01df83.src.rpm", "PyYAML-0:3.12-16.module+el8.9.0+1531+a18208f5.src.rpm", "PyYAML-debugsource-0:3.12-16.module+el8.9.0+1531+a18208f5.aarch64.rpm", "PyYAML-debugsource-0:3.12-16.module+el8.9.0+1531+a18208f5.x86_64.rpm", "scipy-0:1.0.0-22.module+el8.10.0+1817+0b01df83.src.rpm", "scipy-debugsource-0:1.0.0-22.module+el8.10.0+1817+0b01df83.aarch64.rpm", "scipy-debugsource-0:1.0.0-22.module+el8.10.0+1817+0b01df83.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. A moderate python27 update addresses a Proxy-Authorization leak, enhancing security in Rocky Linux 8.. Rocky Linux Python Security Update. . LinuxSecurity.com Team
Mar 18, 2026
Rocky Linux
219
security advisorymoderatesecurity issueRocky Linux 8 python27 Security Leak Exposed Proxy Header RLSA-2023-7042
Moderate: python27:2.7 security and bug fix update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2023:7042", "synopsis": "Moderate: python27:2.7 security and bug fix update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for python-mock, module.python-sqlalchemy, python-backports-ssl_match_hostname, python-attrs, python-chardet, python2-rpm-macros, module.numpy, module.python-mock, python-pymongo, python-markupsafe, python-psycopg2, python2-six, module.python-funcsigs, module.python-pygments, module.pytz, python-coverage, module.python-chardet, module.python-pluggy, module.python-virtualenv, module.python-PyMySQL, python-PyMySQL, module.python-dns, module.python-nose, python-pysocks, python-funcsigs, scipy, module.python-pytest-mock, module.python-attrs, numpy, python-wheel, PyYAML, module.python-docs, module.python-setuptools_scm, module.python-backports-ssl_match_hostname, babel, python-idna, python2-pip, module.python-wheel, module.python-ipaddress, module.python-markupsafe, module.python-psycopg2, python-requests, module.scipy, module.PyYAML, python-nose, module.Cython, module.python-lxml, python-sqlalchemy, module.python2-pip, python-dns, pytest, module.python-backports, module.python-coverage, module.babel, python-pluggy, module.python-docutils, module.python-requests, python-pygments, module.python-pymongo, module.python2-six, module.python-pysocks, pytz, python-docs, python-backports, python-py, python-lxml, python-pytest-mock, module.pytest, python-setuptools_scm, module.python-idna, module.python-py, python-ipaddress, Cython, module.python2-rpm-macros, python-docutils.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages providea stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL.\n\nSecurity Fix(es):\n\n* python-requests: Unintended leak of Proxy-Authorization header (CVE-2023-32681)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Rocky Linux 8.9 Release Notes linked from the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2209469", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2209469", "description": ""}], "cves": [{"name": "CVE-2023-32681", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2023-32681", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N", "cvss3BaseScore": "6.1", "cwe": "CWE-402"}], "references": [], "publishedAt": "2026-03-18T06:01:13.733535Z", "rpms": {"Rocky Linux 8": {"nvras": ["python-nose-docs-0:1.3.7-31.module+el8.10.0+1592+61442852.noarch.rpm", "python-pymongo-debuginfo-0:3.7.0-1.module+el8.10.0+1910+234ad790.x86_64.rpm", "python-pymongo-debuginfo-0:3.7.0-1.module+el8.10.0+1592+61442852.x86_64.rpm", "python-pymongo-debugsource-0:3.7.0-1.module+el8.10.0+1910+234ad790.x86_64.rpm", "python-pymongo-debugsource-0:3.7.0-1.module+el8.10.0+1592+61442852.x86_64.rpm", "babel-0:2.5.1-10.module+el8.9.0+1531+a18208f5.noarch.rpm", "babel-0:2.5.1-10.module+el8.9.0+1531+a18208f5.src.rpm", "Cython-0:0.28.1-7.module+el8.9.0+1531+a18208f5.src.rpm", "Cython-debugsource-0:0.28.1-7.module+el8.9.0+1531+a18208f5.aarch64.rpm", "Cython-debugsource-0:0.28.1-7.module+el8.9.0+1531+a18208f5.x86_64.rpm", "numpy-1:1.14.2-16.module+el8.9.0+1531+a18208f5.src.rpm", "numpy-debugsource-1:1.14.2-16.module+el8.9.0+1531+a18208f5.aarch64.rpm", "numpy-debugsource-1:1.14.2-16.module+el8.9.0+1531+a18208f5.x86_64.rpm","pytest-0:3.4.2-13.module+el8.9.0+1531+a18208f5.src.rpm", "python2-attrs-0:17.4.0-10.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-babel-0:2.5.1-10.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-backports-0:1.0-16.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-backports-0:1.0-16.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-backports-ssl_match_hostname-0:3.5.0.1-12.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-bson-0:3.7.0-1.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-bson-0:3.7.0-1.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-bson-debuginfo-0:3.7.0-1.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-bson-debuginfo-0:3.7.0-1.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-chardet-0:3.0.4-10.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-coverage-0:4.5.1-5.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python2-coverage-0:4.5.1-5.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python2-nose-0:1.3.7-31.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-coverage-debuginfo-0:4.5.1-5.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python2-coverage-debuginfo-0:4.5.1-5.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python2-Cython-0:0.28.1-7.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-Cython-0:0.28.1-7.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-Cython-debuginfo-0:0.28.1-7.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-Cython-debuginfo-0:0.28.1-7.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-dns-0:1.15.0-10.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-docs-0:2.7.16-2.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-docs-info-0:2.7.16-2.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-docutils-0:0.14-12.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-funcsigs-0:1.0.2-13.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-idna-0:2.5-7.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-ipaddress-0:1.0.18-6.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-lxml-0:4.2.3-6.module+el8.9.0+1531+a18208f5.aarch64.rpm","python2-lxml-0:4.2.3-6.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-lxml-debuginfo-0:4.2.3-6.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-lxml-debuginfo-0:4.2.3-6.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-markupsafe-0:0.23-19.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-markupsafe-0:0.23-19.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-mock-0:2.0.0-13.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-numpy-1:1.14.2-16.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-numpy-1:1.14.2-16.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-numpy-debuginfo-1:1.14.2-16.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-numpy-debuginfo-1:1.14.2-16.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-numpy-doc-1:1.14.2-16.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-numpy-f2py-1:1.14.2-16.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-numpy-f2py-1:1.14.2-16.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-pip-0:9.0.3-19.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-pip-0:9.0.3-19.module+el8.9.0+1531+a18208f5.src.rpm", "python2-pip-wheel-0:9.0.3-19.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-pluggy-0:0.6.0-8.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-psycopg2-0:2.7.5-8.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python2-psycopg2-0:2.7.5-8.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python2-psycopg2-debug-0:2.7.5-8.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python2-psycopg2-debug-0:2.7.5-8.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python2-psycopg2-debug-debuginfo-0:2.7.5-8.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python2-psycopg2-debug-debuginfo-0:2.7.5-8.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python2-psycopg2-debuginfo-0:2.7.5-8.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python2-psycopg2-debuginfo-0:2.7.5-8.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python2-psycopg2-tests-0:2.7.5-8.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python2-psycopg2-tests-0:2.7.5-8.module+el8.10.0+1817+0b01df83.x86_64.rpm","python2-py-0:1.5.3-6.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-pygments-0:2.2.0-22.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-pymongo-0:3.7.0-1.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-pymongo-0:3.7.0-1.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-pymongo-debuginfo-0:3.7.0-1.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-pymongo-debuginfo-0:3.7.0-1.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-pymongo-gridfs-0:3.7.0-1.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-pymongo-gridfs-0:3.7.0-1.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-PyMySQL-0:0.8.0-10.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-pysocks-0:1.6.8-6.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-pytest-0:3.4.2-13.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-pytest-mock-0:1.9.0-4.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-pytz-0:2017.2-13.module+el8.10.0+1817+0b01df83.noarch.rpm", "python2-pyyaml-0:3.12-16.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-pyyaml-0:3.12-16.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-pyyaml-debuginfo-0:3.12-16.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python2-pyyaml-debuginfo-0:3.12-16.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-requests-0:2.20.0-4.module+el8.10.0+1817+0b01df83.noarch.rpm", "python2-rpm-macros-0:3-38.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-rpm-macros-0:3-38.module+el8.9.0+1531+a18208f5.src.rpm", "python2-scipy-0:1.0.0-22.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python2-scipy-0:1.0.0-22.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python2-scipy-debuginfo-0:1.0.0-22.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python2-scipy-debuginfo-0:1.0.0-22.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python2-setuptools_scm-0:1.15.7-6.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-six-0:1.11.0-6.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-six-0:1.11.0-6.module+el8.9.0+1531+a18208f5.src.rpm", "python2-sqlalchemy-0:1.3.2-2.module+el8.9.0+1531+a18208f5.aarch64.rpm","python2-sqlalchemy-0:1.3.2-2.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python2-wheel-1:0.31.1-3.module+el8.9.0+1531+a18208f5.noarch.rpm", "python2-wheel-wheel-1:0.31.1-3.module+el8.9.0+1531+a18208f5.noarch.rpm", "python-attrs-0:17.4.0-10.module+el8.9.0+1531+a18208f5.src.rpm", "python-backports-0:1.0-16.module+el8.9.0+1531+a18208f5.src.rpm", "python-backports-ssl_match_hostname-0:3.5.0.1-12.module+el8.9.0+1531+a18208f5.src.rpm", "python-chardet-0:3.0.4-10.module+el8.9.0+1531+a18208f5.src.rpm", "python-coverage-0:4.5.1-5.module+el8.10.0+1817+0b01df83.src.rpm", "python-coverage-debugsource-0:4.5.1-5.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python-coverage-debugsource-0:4.5.1-5.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python-dns-0:1.15.0-10.module+el8.9.0+1531+a18208f5.src.rpm", "python-docs-0:2.7.16-2.module+el8.9.0+1531+a18208f5.src.rpm", "python-docutils-0:0.14-12.module+el8.10.0+1592+61442852.src.rpm", "python-docutils-0:0.14-12.module+el8.10.0+1910+234ad790.src.rpm", "python-docutils-0:0.14-12.module+el8.9.0+1531+a18208f5.src.rpm", "python-funcsigs-0:1.0.2-13.module+el8.9.0+1531+a18208f5.src.rpm", "python-idna-0:2.5-7.module+el8.9.0+1531+a18208f5.src.rpm", "python-ipaddress-0:1.0.18-6.module+el8.9.0+1531+a18208f5.src.rpm", "python-lxml-0:4.2.3-6.module+el8.9.0+1531+a18208f5.src.rpm", "python-lxml-debugsource-0:4.2.3-6.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python-lxml-debugsource-0:4.2.3-6.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python-markupsafe-0:0.23-19.module+el8.9.0+1531+a18208f5.src.rpm", "python-mock-0:2.0.0-13.module+el8.9.0+1531+a18208f5.src.rpm", "python-nose-0:1.3.7-31.module+el8.10.0+1910+234ad790.src.rpm", "python-nose-0:1.3.7-31.module+el8.9.0+1531+a18208f5.src.rpm", "python-nose-0:1.3.7-31.module+el8.10.0+1592+61442852.src.rpm", "python-nose-docs-0:1.3.7-31.module+el8.10.0+1910+234ad790.noarch.rpm", "python-nose-docs-0:1.3.7-31.module+el8.9.0+1531+a18208f5.noarch.rpm", "python-pluggy-0:0.6.0-8.module+el8.9.0+1531+a18208f5.src.rpm","python-psycopg2-0:2.7.5-8.module+el8.10.0+1817+0b01df83.src.rpm", "python-psycopg2-debuginfo-0:2.7.5-8.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python-psycopg2-debuginfo-0:2.7.5-8.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python-psycopg2-debugsource-0:2.7.5-8.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python-psycopg2-debugsource-0:2.7.5-8.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python-psycopg2-doc-0:2.7.5-8.module+el8.10.0+1817+0b01df83.aarch64.rpm", "python-psycopg2-doc-0:2.7.5-8.module+el8.10.0+1817+0b01df83.x86_64.rpm", "python-py-0:1.5.3-6.module+el8.9.0+1531+a18208f5.src.rpm", "python-pygments-0:2.2.0-22.module+el8.10.0+1592+61442852.src.rpm", "python-pygments-0:2.2.0-22.module+el8.10.0+1910+234ad790.src.rpm", "python-pygments-0:2.2.0-22.module+el8.9.0+1531+a18208f5.src.rpm", "python-pymongo-0:3.7.0-1.module+el8.10.0+1910+234ad790.src.rpm", "python-pymongo-0:3.7.0-1.module+el8.9.0+1531+a18208f5.src.rpm", "python-pymongo-0:3.7.0-1.module+el8.10.0+1592+61442852.src.rpm", "python-pymongo-debuginfo-0:3.7.0-1.module+el8.10.0+1592+61442852.aarch64.rpm", "python-pymongo-debuginfo-0:3.7.0-1.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python-pymongo-debuginfo-0:3.7.0-1.module+el8.10.0+1910+234ad790.aarch64.rpm", "python-pymongo-debuginfo-0:3.7.0-1.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python-pymongo-debugsource-0:3.7.0-1.module+el8.10.0+1592+61442852.aarch64.rpm", "python-pymongo-debugsource-0:3.7.0-1.module+el8.10.0+1910+234ad790.aarch64.rpm", "python-pymongo-debugsource-0:3.7.0-1.module+el8.9.0+1531+a18208f5.aarch64.rpm", "python-pymongo-debugsource-0:3.7.0-1.module+el8.9.0+1531+a18208f5.x86_64.rpm", "python-PyMySQL-0:0.8.0-10.module+el8.9.0+1531+a18208f5.src.rpm", "python-pysocks-0:1.6.8-6.module+el8.9.0+1531+a18208f5.src.rpm", "python-pytest-mock-0:1.9.0-4.module+el8.9.0+1531+a18208f5.src.rpm", "python-requests-0:2.20.0-4.module+el8.10.0+1817+0b01df83.src.rpm", "python-setuptools_scm-0:1.15.7-6.module+el8.9.0+1531+a18208f5.src.rpm","python-sqlalchemy-0:1.3.2-2.module+el8.9.0+1531+a18208f5.src.rpm", "python-sqlalchemy-doc-0:1.3.2-2.module+el8.9.0+1531+a18208f5.noarch.rpm", "python-virtualenv-0:15.1.0-22.module+el8.10.0+1592+61442852.src.rpm", "python-wheel-1:0.31.1-3.module+el8.10.0+1592+61442852.src.rpm", "python-wheel-1:0.31.1-3.module+el8.9.0+1531+a18208f5.src.rpm", "python-wheel-1:0.31.1-3.module+el8.10.0+1910+234ad790.src.rpm", "pytz-0:2017.2-13.module+el8.10.0+1817+0b01df83.src.rpm", "PyYAML-0:3.12-16.module+el8.9.0+1531+a18208f5.src.rpm", "PyYAML-debugsource-0:3.12-16.module+el8.9.0+1531+a18208f5.aarch64.rpm", "PyYAML-debugsource-0:3.12-16.module+el8.9.0+1531+a18208f5.x86_64.rpm", "scipy-0:1.0.0-22.module+el8.10.0+1817+0b01df83.src.rpm", "scipy-debugsource-0:1.0.0-22.module+el8.10.0+1817+0b01df83.aarch64.rpm", "scipy-debugsource-0:1.0.0-22.module+el8.10.0+1817+0b01df83.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Moderate security issue fixed in python27 for Rocky Linux with updates and specific vulnerabilities addressed.. python security update, Rocky Linux patch, python27 vulnerabilities. . LinuxSecurity.com Team
Mar 18, 2026
Rocky Linux
100
security advisorySuSEimportantSUSE: Nginx Important Auth Bypass & Leak CVE-2025-23419 CVE-2025-53859
* bsc#1236851 * bsc#1248070 Cross-References: * CVE-2025-23419 . # Security update for nginx Announcement ID: SUSE-SU-2025:03444-1 Release Date: 2025-10-01T12:43:06Z Rating: moderate References: * bsc#1236851 * bsc#1248070 Cross-References: * CVE-2025-23419 * CVE-2025-53859 CVSS scores: * CVE-2025-23419 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-23419 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-23419 ( NVD ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-23419 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2025-53859 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-53859 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-53859 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-53859 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * Server Applications Module 15-SP7 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for nginx fixes the following issues: *CVE-2025-53859:Ã the server side may leak arbitrary bytes during the NGINX SMTP authentication process (bsc#1248070). * CVE-2025-23419: session resumption can bypass client certificate authentication requirements using TLSv1.3 (bsc#1236851). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-3444=1 openSUSE-SLE-15.6-2025-3444=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-3444=1 * Server Applications Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2025-3444=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * nginx-1.21.5-150600.10.12.1 * nginx-debuginfo-1.21.5-150600.10.12.1 * nginx-debugsource-1.21.5-150600.10.12.1 * openSUSE Leap 15.6 (noarch) * nginx-source-1.21.5-150600.10.12.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * nginx-1.21.5-150600.10.12.1 * nginx-debuginfo-1.21.5-150600.10.12.1 * nginx-debugsource-1.21.5-150600.10.12.1 * Server Applications Module 15-SP6 (noarch) * nginx-source-1.21.5-150600.10.12.1 * Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64) * nginx-1.21.5-150600.10.12.1 * nginx-debuginfo-1.21.5-150600.10.12.1 * nginx-debugsource-1.21.5-150600.10.12.1 * Server Applications Module 15-SP7 (noarch) * nginx-source-1.21.5-150600.10.12.1 ## References: * https://www.suse.com/security/cve/CVE-2025-23419.html * https://www.suse.com/security/cve/CVE-2025-53859.html * https://bugzilla.suse.com/show_bug.cgi?id=1236851 * https://bugzilla.suse.com/show_bug.cgi?id=1248070 . Security update for SUSE: two important nginx vulnerabilities addressed with moderate severity ratings.. nginx security update, SUSE vulnerability fix, authenticationleak, patch instructions. . Severity: Important. LinuxSecurity.com Team
Oct 01, 2025
•Important
SuSE
100
security advisorymoderateSuSESUSE Linux Micro 6.0: opensc Moderate Side-Channel Leak 2025:20530-1
* bsc#1219386 Cross-References: * CVE-2023-5992 . # Security update for opensc Announcement ID: SUSE-SU-2025:20530-1 Release Date: 2025-08-01T09:26:08Z Rating: moderate References: * bsc#1219386 Cross-References: * CVE-2023-5992 CVSS scores: * CVE-2023-5992 ( SUSE ): 4.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2023-5992 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N * CVE-2023-5992 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-5992 ( NVD ): 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * SUSE Linux Micro 6.0 An update that solves one vulnerability can now be installed. ## Description: This update for opensc fixes the following issues: * CVE-2023-5992: Fixed side-channel leaks while stripping encryption PKCS#1 padding (bsc#1219386) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-406=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * opensc-debugsource-0.24.0-4.1 * opensc-debuginfo-0.24.0-4.1 * opensc-0.24.0-4.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5992.html * https://bugzilla.suse.com/show_bug.cgi?id=1219386 . An updated feature for OpenSC tackles the crucial CVE-2023-5992 side-channel weakness found in SUSE Linux Micro 6.0.. opensc update, SUSE Linux Micro security, moderate severity. . LinuxSecurity.com Team
Aug 04, 2025
SuSE
100
security advisoryfile overwriteimportantSUSE: 2025:0121-2 important: rsync file overwrite and leak issues
* bsc#1234101 * bsc#1234102 * bsc#1234103 * bsc#1234104 . # Security update for rsync Announcement ID: SUSE-SU-2025:0121-2 Release Date: 2025-01-15T14:56:27Z Rating: important References: * bsc#1234101 * bsc#1234102 * bsc#1234103 * bsc#1234104 Cross-References: * CVE-2024-12085 * CVE-2024-12086 * CVE-2024-12087 * CVE-2024-12088 CVSS scores: * CVE-2024-12085 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12085 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-12085 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-12086 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12086 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-12086 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N * CVE-2024-12087 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-12087 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-12087 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-12088 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves four vulnerabilities can now be installed. ## Description: This update for rsync fixes the following issues: NOTE: This update was retracted due to abuggy security fix. A followup update will be provided. * CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. (bsc#1234101) * CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. (bsc#1234102) * CVE-2024-12087: arbitrary file overwrite possible on clients when symlink syncing is enabled. (bsc#1234103) * CVE-2024-12088: bypass of the --safe-links flag may allow the placement of unsafe symlinks in a client. (bsc#1234104) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-121=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-121=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-121=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-121=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-121=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-121=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-121=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * rsync-3.2.3-150000.4.28.1 * rsync-debuginfo-3.2.3-150000.4.28.1 * rsync-debugsource-3.2.3-150000.4.28.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * rsync-3.2.3-150000.4.28.1 * rsync-debuginfo-3.2.3-150000.4.28.1 * rsync-debugsource-3.2.3-150000.4.28.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * rsync-3.2.3-150000.4.28.1 *rsync-debuginfo-3.2.3-150000.4.28.1 * rsync-debugsource-3.2.3-150000.4.28.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * rsync-3.2.3-150000.4.28.1 * rsync-debuginfo-3.2.3-150000.4.28.1 * rsync-debugsource-3.2.3-150000.4.28.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * rsync-3.2.3-150000.4.28.1 * rsync-debuginfo-3.2.3-150000.4.28.1 * rsync-debugsource-3.2.3-150000.4.28.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * rsync-3.2.3-150000.4.28.1 * rsync-debuginfo-3.2.3-150000.4.28.1 * rsync-debugsource-3.2.3-150000.4.28.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * rsync-3.2.3-150000.4.28.1 * rsync-debuginfo-3.2.3-150000.4.28.1 * rsync-debugsource-3.2.3-150000.4.28.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12085.html * https://www.suse.com/security/cve/CVE-2024-12086.html * https://www.suse.com/security/cve/CVE-2024-12087.html * https://www.suse.com/security/cve/CVE-2024-12088.html * https://bugzilla.suse.com/show_bug.cgi?id=1234101 * https://bugzilla.suse.com/show_bug.cgi?id=1234102 * https://bugzilla.suse.com/show_bug.cgi?id=1234103 * https://bugzilla.suse.com/show_bug.cgi?id=1234104 . Urgent security notice regarding rsync to address significant flaws. Upgrade promptly to maintain system reliability and protection.. rsync security updates, SUSE advisory, important patches, cybersecurity, vulnerability mitigation. . Severity: Important. LinuxSecurity.com Team
Jan 15, 2025
•Important
SuSE
217
security advisorymoderateupdateOracle Linux 9 ELSA-2024-0966 Moderate: OpenSC Side-Channel Leak Fix
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-0966 https://linux.oracle.com/errata/ELSA-2024-0966.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: opensc-0.23.0-4.el9_3.i686.rpm opensc-0.23.0-4.el9_3.x86_64.rpm aarch64: opensc-0.23.0-4.el9_3.aarch64.rpm SRPMS: https://oss.oracle.com:443/ol9/SRPMS-updates//opensc-0.23.0-4.el9_3.src.rpm Related CVEs: CVE-2023-5992 Description of changes: [0.23.0-4] - Fix CVE-2023-5992: Side-channel leaks while stripping encryption PKCS#1.5 padding _______________________________________________ El-errata mailing list
Feb 27, 2024
•Important
Oracle
100
security advisorymoderatesoftware updateSUSE: 2023:2883-1 Moderate: Proxy-Authorization Header Leak
* bsc#1211674 Cross-References: * CVE-2023-32681 . # Security update for python3-requests Announcement ID: SUSE-SU-2023:2883-1 Rating: moderate References: * bsc#1211674 Cross-References: * CVE-2023-32681 CVSS scores: * CVE-2023-32681 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N * CVE-2023-32681 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python3-requests fixes the following issues: * CVE-2023-32681: Fixed unintended leak of Proxy-Authorization header (bsc#1211674). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2023-2883=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-2883=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-2883=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-2883=1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2023-2883=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch) * python3-requests-2.24.0-8.17.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * python3-requests-2.24.0-8.17.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * python3-requests-2.24.0-8.17.1 * SUSELinux Enterprise Server for SAP Applications 12 SP5 (noarch) * python3-requests-2.24.0-8.17.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (noarch) * python3-requests-2.24.0-8.17.1 ## References: * https://www.suse.com/security/cve/CVE-2023-32681.html * https://bugzilla.suse.com/show_bug.cgi?id=1211674 . A recent security patch for python3-requests effectively resolves an issue related to Proxy-Authorization header exposure across various SUSE applications.. SUSE Update, Proxy Leak Fix, Python3 Requests Patch, Security Advisory, Software Vulnerability. . LinuxSecurity.com Team
Feb 27, 2024
SuSE
202
security advisorymoderateupdateopenSUSE: 2023:2866-1 Moderate: Python-Requests Proxy-Authorization Leak
This update for python-requests fixes the following issues: CVE-2023-32681: Fixed unintended leak of Proxy-Authorization header (bsc#1211674).. # Security update for python-requests Announcement ID: SUSE-SU-2023:2866-1 Rating: moderate References: * #1211674 Cross-References: * CVE-2023-32681 CVSS scores: * CVE-2023-32681 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N * CVE-2023-32681 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP4 * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for python-requests fixes the following issues: * CVE-2023-32681: Fixed unintended leak of Proxy-Authorization header (bsc#1211674). ## Patch Instructions: To install this SUSE Moderate update use the SUSE recommended installation methods like YaST online_update or "zypperpatch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-2866=1 * SUSE Linux Enterprise Real Time 15 SP3 zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-2866=1 * SUSE Manager Proxy 4.2 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-2866=1 * SUSE Manager Retail Branch Server 4.2 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.2-2023-2866=1 * SUSE Manager Server 4.2 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-2866=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2023-2866=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-2866=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-2866=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2023-2866=1 * openSUSE Leap 15.4 zypper in -t patch openSUSE-SLE-15.4-2023-2866=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2023-2866=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2023-2866=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2023-2866=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2023-2866=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2023-2866=1 * Basesystem Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-2866=1 ## Package List: * Basesystem Module 15-SP5 (noarch) * python3-requests-2.24.0-150300.3.3.1 * SUSE Linux Enterprise Real Time 15 SP3 (noarch) * python3-requests-2.24.0-150300.3.3.1 * SUSE Manager Proxy 4.2 (noarch) * python3-requests-2.24.0-150300.3.3.1 * SUSE Manager Retail Branch Server 4.2 (noarch) * python3-requests-2.24.0-150300.3.3.1 *SUSE Manager Server 4.2 (noarch) * python2-requests-2.24.0-150300.3.3.1 * python3-requests-2.24.0-150300.3.3.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * python3-requests-2.24.0-150300.3.3.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * python3-requests-2.24.0-150300.3.3.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * python3-requests-2.24.0-150300.3.3.1 * openSUSE Leap Micro 5.3 (noarch) * python3-requests-2.24.0-150300.3.3.1 * openSUSE Leap 15.4 (noarch) * python3-requests-2.24.0-150300.3.3.1 * openSUSE Leap 15.5 (noarch) * python3-requests-2.24.0-150300.3.3.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * python3-requests-2.24.0-150300.3.3.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * python3-requests-2.24.0-150300.3.3.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * python3-requests-2.24.0-150300.3.3.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * python3-requests-2.24.0-150300.3.3.1 * Basesystem Module 15-SP4 (noarch) * python3-requests-2.24.0-150300.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-32681.html * https://bugzilla.suse.com/show_bug.cgi?id=1211674 . An update for python-requests has been issued to resolve CVE-2023-32681, which addresses an issue regarding Proxy-Authorization leakage in a variety of SUSE distributions.. python-requests Update, openSUSE Security Fix, Proxy-Authorization Leak. . LinuxSecurity.com Team
Jul 18, 2023
OpenSUSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!