
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Arch Linux: 202007-6 High: libjcat Insufficient Validation Exploit

The package libjcat before version 0.1.3-1 is vulnerable to insufficient validation.

Arch Linux Security Advisory ASA-202007-6
========================================

Severity: High
Date    : 2020-07-31
CVE-ID  : CVE-2020-10759
Package : libjcat
Type    : insufficient validation
Remote  : Yes
Link    : https://security.archlinux.org/AVG-1185

Summary
======

The package libjcat before version 0.1.3-1 is vulnerable to insufficient validation.

Resolution
=========

Upgrade to 0.1.3-1.

# pacman -Syu "libjcat>=0.1.3-1"

The problem has been fixed upstream in version 0.1.3.

Workaround
=========

None.

Description
==========

A PGP signature verification bypass has been found in fwupd prior to 1.4.0, and in libjcat

Jul 31, 2020 ArchLinux

Gentoo: GLSA-202007-04 Normal: fwupd, libjcat Code Execution

Multiple vulnerabilities have been found in fwupd and libjcat, the worst of which could result in the arbitrary execution of code.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 202007-04
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: fwupd, libjcat: Multiple vulnerabilities
     Date: July 26, 2020
     Bugs: #727656
       ID: 202007-04

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Multiple vulnerabilities have been found in fwupd and libjcat, the worst of which could result in the arbitrary execution of code.

Background
=========

fwupd aims to make updating firmware on Linux automatic, safe and reliable.

libjcat is a library and tool for reading and writing Jcat files.

Affected packages
================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  sys-apps/fwupd               < 1.3.10                   >= 1.3.10
  2  dev-libs/libjcat              < 0.1.3                    >= 0.1.3
    -------------------------------------------------------------------
     2 affected packages

Description
==========

Multiple vulnerabilities have been discovered in fwupd and libjcat. Please review the CVE identifiers referenced below for details.

Impact
=====

Please review the referenced CVE identifiers for details.

Workaround
=========

There is no known workaround at this time.

Resolution
=========

All fwupd users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=sys-apps/fwupd-1.3.10"

All libjcat users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-libs/libjcat-0.1.3"

References
=========

[ 1 ] CVE-2020-10759
      https://nvd.nist.gov/vuln/detail/CVE-2020-10759

Availability
===========

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

 https://security.gentoo.org/glsa/202007-04

Concerns?
========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address redacted] or alternatively, you may file a bug at https://bugs.gentoo.org.

License
======

Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Gentoo has released a critical advisory on security vulnerabilities affecting fwupd and libjcat, urging swift action to safeguard system integrity.

LinuxSecurity.com Team

Jul 26, 2020 Gentoo

Fedora 32: libjcat FEDORA-2020-eec60309f2 Moderate: Signature Bypass

Security fix for CVE-2020-10759.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-eec60309f2
2020-06-16 01:25:41.304231
--------------------------------------------------------------------------------

Name        : libjcat
Product     : Fedora 32
Version     : 0.1.2
Release     : 2.fc32
URL         : https://github.com/hughsie/libjcat
Summary     : Library for reading Jcat files
Description :
This library allows reading and writing gzip-compressed JSON catalog files,
which can be used to store GPG, PKCS-7 and SHA-256 checksums for each file.

This provides equivalent functionality to the catalog files supported in
Microsoft Windows.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2020-10759
--------------------------------------------------------------------------------
ChangeLog:

* Fri Jun  5 2020 Richard Hughes 0.1.2-2
- Fix for CVE-2020-10759
* Mon Apr 27 2020 Richard Hughes 0.1.2-1
- New upstream release
- Build fixes mostly for RHEL
* Tue Apr 14 2020 Richard Hughes 0.1.1-1
- New upstream release
- Allow adding an item ID 'alias'
- Make the installed tests actually work
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1844316 - CVE-2020-10759 fwupd: Possible bypass in signature verification
        https://bugzilla.redhat.com/show_bug.cgi?id=1844316
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-eec60309f2' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email address redacted]
To unsubscribe send an email to [email address redacted]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email address redacted]/

Crucial patch for libjcat in Fedora tackles CVE-2020-10759 to improve library safety.

LinuxSecurity.com Team

Jun 15, 2020 Fedora