GSSAPI server: Boundary check gss_wrap token (read OOB).

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-5868a8d652
2026-04-25 01:21:36.171025+00:00
--------------------------------------------------------------------------------

Name        : libgsasl
Product     : Fedora 44
Version     : 1.10.0
Release     : 15.fc44
URL         : https://www.gnu.org/software/gsasl/
Summary     : GNU SASL library
Description :
The library includes support for the SASL framework and at least partial
support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID,
DIGEST-MD5, LOGIN, and NTLM mechanisms.

--------------------------------------------------------------------------------
Update Information:

GSSAPI server: Boundary check gss_wrap token (read OOB)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 26 2026 Peter Lemenkov - 1.10.0-15
- Fix CVE-2022-2469
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2451759 - CVE-2022-2469 libgsasl: Out of bounds read causes DoS [fedora-44]
        https://bugzilla.redhat.com/show_bug.cgi?id=2451759
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use

    su -c 'dnf upgrade --advisory FEDORA-2026-5868a8d652'

at the command line. For more information, refer to the dnf documentation
available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list --

GSSAPI server: Boundary check gss_wrap token (read OOB).

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2026-a8d6c7c064
2026-04-04 01:02:26.879255+00:00
--------------------------------------------------------------------------------

Name        : libgsasl
Product     : Fedora 42
Version     : 1.10.0
Release     : 15.fc42
URL         : https://www.gnu.org/software/gsasl/
Summary     : GNU SASL library
Description :
The library includes support for the SASL framework and at least partial
support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID,
DIGEST-MD5, LOGIN, and NTLM mechanisms.

--------------------------------------------------------------------------------
Update Information:

GSSAPI server: Boundary check gss_wrap token (read OOB)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 26 2026 Peter Lemenkov - 1.10.0-15
- Fix CVE-2022-2469
* Fri Jan 16 2026 Fedora Release Engineering - 1.10.0-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild
* Thu Jul 24 2025 Fedora Release Engineering - 1.10.0-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2119153 - CVE-2022-2469 libgsasl: Out of bounds read causes DoS [fedora-42]
        https://bugzilla.redhat.com/show_bug.cgi?id=2119153
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use

    su -c 'dnf upgrade --advisory FEDORA-2026-a8d6c7c064'

at the command line. For more information, refer to the dnf documentation
available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
--
_______________________________________________
package-announce mailing list --

An update that fixes one vulnerability is now available.

   SUSE Security Update: Security update for libgsasl
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:3561-1
Rating:             moderate
References:         #1201715
Cross-References:   CVE-2022-2469
CVSS scores:
                    CVE-2022-2469 (NVD) : 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
                    CVE-2022-2469 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products:
                    SUSE Linux Enterprise Module for SUSE Manager Proxy 4.2
                    SUSE Linux Enterprise Module for SUSE Manager Server 4.2
                    SUSE Manager Proxy 4.2
                    SUSE Manager Server 4.2
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   This update for libgsasl fixes the following issues:

   - CVE-2022-2469: Fixed OOB read in GSSAPI server (bsc#1201715).

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation
   methods like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for SUSE Manager Server 4.2:

      zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.2-2022-3561=1

   - SUSE Linux Enterprise Module for SUSE Manager Proxy 4.2:

      zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.2-2022-3561=1

Package List:

   - SUSE Linux Enterprise Module for SUSE Manager Server 4.2 (aarch64 ppc64le s390x x86_64):

      libgsasl-debugsource-1.8.0-150300.3.3.1
      libgsasl7-1.8.0-150300.3.3.1
      libgsasl7-debuginfo-1.8.0-150300.3.3.1

   - SUSE Linux Enterprise Module for SUSE Manager Server 4.2 (noarch):

      libgsasl-lang-1.8.0-150300.3.3.1

   - SUSE Linux Enterprise Module for SUSE Manager Proxy 4.2 (aarch64 ppc64le s390x x86_64):

      libgsasl-debugsource-1.8.0-150300.3.3.1
      libgsasl7-1.8.0-150300.3.3.1
      libgsasl7-debuginfo-1.8.0-150300.3.3.1

   - SUSE Linux Enterprise Module for SUSE Manager Proxy 4.2 (noarch):

      libgsasl-lang-1.8.0-150300.3.3.1

References:

   https://www.suse.com/security/cve/CVE-2022-2469.html
   https://bugzilla.suse.com/1201715

SUSE Security Announcement for libgsasl resolves CVE-2022-2469, a notable vulnerability impacting systems urgently.
SUSE Manager Security Update, libgsasl CVE Fix, SUSE Linux Security Patch.
LinuxSecurity.com Team

An update that fixes one vulnerability is now available.

   SUSE Security Update: Security update for libgsasl
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:3563-1
Rating:             moderate
References:         #1201715
Cross-References:   CVE-2022-2469
CVSS scores:
                    CVE-2022-2469 (NVD) : 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
                    CVE-2022-2469 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products:
                    SUSE Linux Enterprise Module for SUSE Manager Proxy 4.3
                    SUSE Linux Enterprise Module for SUSE Manager Server 4.3
                    SUSE Manager Proxy 4.3
                    SUSE Manager Server 4.3
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   This update for libgsasl fixes the following issues:

   - CVE-2022-2469: Fixed OOB read in GSSAPI server (bsc#1201715).

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation
   methods like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for SUSE Manager Server 4.3:

      zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2022-3563=1

   - SUSE Linux Enterprise Module for SUSE Manager Proxy 4.3:

      zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2022-3563=1

Package List:

   - SUSE Linux Enterprise Module for SUSE Manager Server 4.3 (aarch64 ppc64le s390x x86_64):

      libgsasl-debugsource-1.8.0-150400.3.3.1
      libgsasl7-1.8.0-150400.3.3.1
      libgsasl7-debuginfo-1.8.0-150400.3.3.1

   - SUSE Linux Enterprise Module for SUSE Manager Server 4.3 (noarch):

      libgsasl-lang-1.8.0-150400.3.3.1

   - SUSE Linux Enterprise Module for SUSE Manager Proxy 4.3 (aarch64 ppc64le s390x x86_64):

      libgsasl-debugsource-1.8.0-150400.3.3.1
      libgsasl7-1.8.0-150400.3.3.1
      libgsasl7-debuginfo-1.8.0-150400.3.3.1

   - SUSE Linux Enterprise Module for SUSE Manager Proxy 4.3 (noarch):

      libgsasl-lang-1.8.0-150400.3.3.1

References:

   https://www.suse.com/security/cve/CVE-2022-2469.html
   https://bugzilla.suse.com/1201715

Unveil the specifics of the SUSE security patch targeting a medium concern in libgsasl. Key information provided.
SUSE Security Update, libgsasl, SUSE Manager Proxy, SUSE Manager Server.
LinuxSecurity.com Team

An update that fixes one vulnerability is now available.

   SUSE Security Update: Security update for libgsasl
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:3562-1
Rating:             moderate
References:         #1201715
Cross-References:   CVE-2022-2469
CVSS scores:
                    CVE-2022-2469 (NVD) : 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
                    CVE-2022-2469 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products:
                    SUSE Linux Enterprise Module for SUSE Manager Proxy 4.1
                    SUSE Linux Enterprise Module for SUSE Manager Server 4.1
                    SUSE Manager Proxy 4.1
                    SUSE Manager Server 4.1
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   This update for libgsasl fixes the following issues:

   - CVE-2022-2469: Fixed OOB read in GSSAPI server (bsc#1201715).

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation
   methods like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for SUSE Manager Server 4.1:

      zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.1-2022-3562=1

   - SUSE Linux Enterprise Module for SUSE Manager Proxy 4.1:

      zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.1-2022-3562=1

Package List:

   - SUSE Linux Enterprise Module for SUSE Manager Server 4.1 (aarch64 ppc64le s390x x86_64):

      libgsasl-debugsource-1.8.0-150200.3.3.1
      libgsasl7-1.8.0-150200.3.3.1
      libgsasl7-debuginfo-1.8.0-150200.3.3.1

   - SUSE Linux Enterprise Module for SUSE Manager Server 4.1 (noarch):

      libgsasl-lang-1.8.0-150200.3.3.1

   - SUSE Linux Enterprise Module for SUSE Manager Proxy 4.1 (aarch64 ppc64le s390x x86_64):

      libgsasl-debugsource-1.8.0-150200.3.3.1
      libgsasl7-1.8.0-150200.3.3.1
      libgsasl7-debuginfo-1.8.0-150200.3.3.1

   - SUSE Linux Enterprise Module for SUSE Manager Proxy 4.1 (noarch):

      libgsasl-lang-1.8.0-150200.3.3.1

References:

   https://www.suse.com/security/cve/CVE-2022-2469.html
   https://bugzilla.suse.com/1201715

SUSE Security Update for libgsasl resolves a significant out-of-bounds read vulnerability in Manager Server and Proxy functionality.
SUSE Manager Server, libgsasl Security, SUSE Updates, Security Patches.
LinuxSecurity.com Team

GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client. (CVE-2022-2469)

References:
- https://bugs.mageia.org/show_bug.cgi?id=30670

MGASA-2022-0298 - Updated libgsasl packages fix security vulnerability

Publication date: 25 Aug 2022
URL: https://advisories.mageia.org/MGASA-2022-0298.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-2469

GNU SASL libgsasl server-side read-out-of-bounds with malicious authenticated GSS-API client. (CVE-2022-2469)

References:
- https://bugs.mageia.org/show_bug.cgi?id=30670
- https://lists.debian.org/debian-security-announce/2022/msg00158.html
- https://www.cve.org/CVERecord?id=CVE-2022-2469

SRPMS:
- 8/core/libgsasl-1.8.1-2.1.mga8

A security patch has been released for Mageia's libgsasl to address a critical out-of-bounds read vulnerability, impacting server functionalities.
mageia, libgsasl, security fix, read-out-of-bounds, GSS-API.
Severity: Critical.
LinuxSecurity.com Team