
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Gentoo: GLSA-202305-20 Low Severity: libapreq2 Buffer Overflow DoS

A buffer overflow vulnerability has been discovered in libapreq2 which could result in denial of service.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 202305-20
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Low
    Title: libapreq2: Buffer Overflow
     Date: May 03, 2023
     Bugs: #866536
       ID: 202305-20

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A buffer overflow vulnerability has been discovered in libapreq2 which could result in denial of service.

Background
==========

libapreq is a shared library with associated modules for manipulating client request data via the Apache API.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  www-apache/libapreq2         < 2.17                       >= 2.17

Description
===========

TODO

Impact
======

An attacker could submit a crafted multipart form to trigger the buffer overflow and cause a denial of service.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All libapreq2 users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=www-apache/libapreq2-2.17"

References
==========

[ 1 ] CVE-2022-22728
      https://nvd.nist.gov/vuln/detail/CVE-2022-22728

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

 https://security.gentoo.org/glsa/202305-20

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email protected] or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2023 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Gentoo Linux Advisory GLSA 202305-21 highlights a vulnerability in libxml2, potentially resulting in system compromise.

Severity: Low
LinuxSecurity.com Team

May 03, 2023 | Low | Gentoo

Mageia 8: MGASA-2023-0123 Critical: libapreq2 Buffer Overflow Issue

A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. A remote attacker could send a request causing a process crash which could lead to a denial of service attack. (CVE-2022-22728)

MGASA-2023-0123 - Updated libapreq2 packages fix security vulnerability

Publication date: 06 Apr 2023
URL: https://advisories.mageia.org/MGASA-2023-0123.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-22728

A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. A remote attacker could send a request causing a process crash which could lead to a denial of service attack. (CVE-2022-22728)

References:
- https://bugs.mageia.org/show_bug.cgi?id=30778
- https://www.openwall.com/lists/oss-security/2022/08/25/3
- https://lists.fedoraproject.org/archives/list/[email protected]/thread/2PUUS3JL44UUSLJTSXE46HVKZIW7E7PE/
- https://www.openwall.com/lists/oss-security/2023/01/02/2
- https://lists.debian.org/debian-lts-announce/2023/01/msg00009.html
- https://www.cve.org/CVERecord?id=CVE-2022-22728

SRPMS:
- 8/core/libapreq2-2.130.0-31.1.mga8

Mageia 2023-0134 introduces a vital patch for libapreq2 aimed at correcting a security vulnerability related to buffer overflow and potential remote denial of service exploits.

Severity: Critical
LinuxSecurity.com Team

Apr 06, 2023 | Critical | Mageia

Debian Buster: DLA-3269-1 Critical: Libapreq2 Buffer Overflow

A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. A remote attacker could send a request causing a process crash which could lead to a denial of service attack.

-------------------------------------------------------------------------
Debian LTS Advisory DLA-3269-1                          [email protected]
https://www.debian.org/lts/security/                         Tobias Frost
January 14, 2023                              https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : libapreq2
Version        : 2.13-7~deb10u2
CVE ID         : CVE-2022-22728
Debian Bug     : 1018191

A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. A remote attacker could send a request causing a process crash which could lead to a denial of service attack.

For Debian 10 buster, this problem has been fixed in version 2.13-7~deb10u2.

We recommend that you upgrade your libapreq2 packages.

For the detailed security status of libapreq2 please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/libapreq2

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Enhance libapreq2 to address a buffer overflow vulnerability in Apache that might lead to a denial of service on Debian instances.

Severity: Critical
LinuxSecurity.com Team

Jan 14, 2023 | Critical | Debian LTS

Fedora 35: 2022-cf658a432f Critical: libapreq2 Memory Corruption Fix

Fix CVE-2022-22728.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-cf658a432f
2022-09-13 01:29:12.232105
--------------------------------------------------------------------------------

Name        : libapreq2
Product     : Fedora 35
Version     : 2.17
Release     : 1.fc35
URL         : https://httpd.apache.org/apreq/
Summary     : Apache HTTP request library
Description :
libapreq is a shared library with associated modules for manipulating client request data via the Apache API. Functionality includes parsing of application/x-www-form-urlencoded and multipart/form-data content, as well as HTTP cookies.

--------------------------------------------------------------------------------
Update Information:

Fix CVE-2022-22728.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Sep  3 2022 Bojan Smojver - 2.17-1
- Bump up to 2.17
- CVE-2022-22728
* Thu Jul 21 2022 Fedora Release Engineering - 2.16-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Jun  1 2022 Jitka Plesnikova - 2.16-5
- Perl 5.36 rebuild
* Thu Jan 20 2022 Fedora Release Engineering - 2.16-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2123769 - CVE-2022-22728 libapreq2: multipart form parse memory corruption [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2123769
  [ 2 ] Bug #2123770 - CVE-2022-22728 libapreq2: multipart form parse memory corruption [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2123770
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-cf658a432f' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]/
Do not reply to spam, report it:

Fedora 35 has released an update to fix a memory vulnerability in libapreq2. This important patch enhances API performance, safeguarding user data and boosting system stability.

Severity: Critical
LinuxSecurity.com Team

Sep 12, 2022 | Critical | Fedora

Fedora 36: 2022-61f5b492b7 Moderate: libapreq2 Memory Corruption Fix

Fix CVE-2022-22728.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-61f5b492b7
2022-09-13 01:25:49.112172
--------------------------------------------------------------------------------

Name        : libapreq2
Product     : Fedora 36
Version     : 2.17
Release     : 1.fc36
URL         : https://httpd.apache.org/apreq/
Summary     : Apache HTTP request library
Description :
libapreq is a shared library with associated modules for manipulating client request data via the Apache API. Functionality includes parsing of application/x-www-form-urlencoded and multipart/form-data content, as well as HTTP cookies.

--------------------------------------------------------------------------------
Update Information:

Fix CVE-2022-22728.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Sep  3 2022 Bojan Smojver - 2.17-1
- Bump up to 2.17
- CVE-2022-22728
* Thu Jul 21 2022 Fedora Release Engineering - 2.16-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Jun  1 2022 Jitka Plesnikova - 2.16-5
- Perl 5.36 rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2123769 - CVE-2022-22728 libapreq2: multipart form parse memory corruption [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2123769
  [ 2 ] Bug #2123770 - CVE-2022-22728 libapreq2: multipart form parse memory corruption [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2123770
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-61f5b492b7' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Patches addressing memory corruption vulnerabilities in libapreq2 have been introduced in the latest Fedora 36 update.

LinuxSecurity.com Team

Sep 12, 2022 | Fedora

Fedora 37: libapreq2 Memory Corruption Fix (CVE-2022-22728)

Fix CVE-2022-22728.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-9e5046934e
2022-09-12 17:36:48.820675
--------------------------------------------------------------------------------

Name        : libapreq2
Product     : Fedora 37
Version     : 2.17
Release     : 1.fc37
URL         : https://httpd.apache.org/apreq/
Summary     : Apache HTTP request library
Description :
libapreq is a shared library with associated modules for manipulating client request data via the Apache API. Functionality includes parsing of application/x-www-form-urlencoded and multipart/form-data content, as well as HTTP cookies.

--------------------------------------------------------------------------------
Update Information:

Fix CVE-2022-22728.
--------------------------------------------------------------------------------
ChangeLog:

* Sat Sep  3 2022 Bojan Smojver - 2.17-1
- Bump up to 2.17
- CVE-2022-22728
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2123769 - CVE-2022-22728 libapreq2: multipart form parse memory corruption [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2123769
  [ 2 ] Bug #2123770 - CVE-2022-22728 libapreq2: multipart form parse memory corruption [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2123770
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-9e5046934e' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

Follow these steps to address memory corruption in libapreq2 on Fedora 37 while applying the patch for CVE-2022-22728 and ensure system security.

Severity: Important
LinuxSecurity.com Team

Sep 12, 2022 | Important | Fedora

Ubuntu 18.04 LTS USN-4558-1: Libapreq2 Crash Risk from Network Traffic

libapreq2 could be made to crash if it received specially crafted network traffic.

=========================================================================
Ubuntu Security Notice USN-4558-1
September 30, 2020

libapreq2 vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

libapreq2 could be made to crash if it received specially crafted network traffic.

Software Description:
- libapreq2: a safe, standards-compliant, high-performance library used for parsing HTTP cookies, query-strings and POST data

Details:

It was discovered that libapreq2 did not properly sanitize the Content-Type field in certain, crafted HTTP requests. An attacker could use this vulnerability to cause libapreq2 to crash.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS:
  libapache2-mod-apreq2           2.13-7~deb10u1build0.18.04.1
  libapache2-request-perl         2.13-7~deb10u1build0.18.04.1
  libapreq2-3                     2.13-7~deb10u1build0.18.04.1
  libapreq2-dev                   2.13-7~deb10u1build0.18.04.1

In general, a standard system update will make all the necessary changes.

References:
  CVE-2019-12412

Package Information:
  https://launchpad.net/ubuntu/+source/libapreq2/2.13-7~deb10u1build0.18.04.1

--
ubuntu-security-announce mailing list
[email protected]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

Ubuntu Security Notice USN-4560-1 addresses a serious libcurl vulnerability that may result in system instability when encountering certain types of URL requests.

Severity: Critical
LinuxSecurity.com Team

Sep 30, 2020 | Critical | Ubuntu

Mageia: 2019-0327 Moderate: libapreq2 NULL Pointer Dereference Attack

Updated libapreq2 packages fix security vulnerability: Max Kellermann reported a NULL pointer dereference flaw in libapreq2, allowing a remote attacker to cause a denial of service against an application using the library (application crash) if an invalid nested ...

MGASA-2019-0327 - Updated libapreq2 packages fix security vulnerability

Publication date: 14 Nov 2019
URL: https://advisories.mageia.org/MGASA-2019-0327.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2019-12412

Updated libapreq2 packages fix security vulnerability:

Max Kellermann reported a NULL pointer dereference flaw in libapreq2, allowing a remote attacker to cause a denial of service against an application using the library (application crash) if an invalid nested "multipart" body is processed (CVE-2019-12412).

References:
- https://bugs.mageia.org/show_bug.cgi?id=25638
- https://lists.debian.org/debian-security-announce/2019/msg00190.html
- https://www.cve.org/CVERecord?id=CVE-2019-12412

SRPMS:
- 7/core/libapreq2-2.130.0-28.1.mga7

Enhanced libapreq2 versions resolve a severe NULL pointer vulnerability highlighted by Max Kellermann, boosting system resilience.

Severity: Important
LinuxSecurity.com Team

Nov 14, 2019 | Important | Mageia