Alerts This Week
Warning Icon 1 619
Alerts This Week
Warning Icon 1 619

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Chromedriver Moderate Security Issues Fixed 2026-10958-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed libmozjs Moderate Update CVE-2025-70103

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Perl HTML Parser Moderate CVE-2026-8829 Advisory

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H800
openSUSE

openSUSE Tumbleweed kernel-devel Moderate Security Issue 2026-10954-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Gleam Moderate Threat Fixed 2026-10953-1

Calendar White Jun 08, 2026
moderate
Ubuntu Large Esm H900
Ubuntu

Ubuntu 25.10 Systemd Critical Arbitrary Code Exec DNS Issues USN-8402-1

Calendar White Jun 08, 2026
Critical
Opensuse Large Esm H800
openSUSE

openSUSE Epiphany Important Password Handling Issue CVE-2023-26081

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS 8399-1 Pillow Denial of Service Risk CVE-2026-42308

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS Poppler Critical DoS Code Execution Vuln USN-8400-1

Calendar White Jun 08, 2026
Critical
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorydenial of servicebuffer overflow

SuSE: SA-2003:0010 Low Risk: Libmcrypt Buffer Overflow Exploits

libmcrypt versions /dev/null | grep RPMDELETE | cut -d " " -f 1 | sort | uniq There is no temporary fix known. Please install the new packages from our FTP servers. Please download the update package for your distribution and verify its integrity by the methods listed in section 3) of this announcement. Then, install the package using the command "rpm -Fhv file.rpm" to apply the update. Our maintenance customers are being notified individually. The packages are being offered to install from the maintenance web. Intel i386 Platform: SuSE-8.1: 6dc3127a069545b9cb00cafd9897021f patch rpm(s): 3b88d2a7f1bf409ec6cdee4702c8dc40 source rpm(s): 8feed7301cb26aaa27084baea4a1677e SuSE-8.1: 52bdf4a54df9fc698971fc1223b73d3d patch rpm(s): 5ecc44d5b4d6f35a4f57db1d7092575e source rpm(s): 8feed7301cb26aaa27084baea4a1677e SuSE-8.0: 45997d80e97ce180a14b692b1f63b34b patch rpm(s): 5ee228e095fbb3f53027a8a902978975 source rpm(s): 6c189dcf7bcbffa7f271cdeb9065e212 SuSE-8.0: 36b45ac7281a3dd2ba94794e26012180 patch rpm(s): 21ad28cb8dad5e418f0185b53470502c source rpm(s): 6c189dcf7bcbffa7f271cdeb9065e212 SuSE-7.3: f38972e593b79b8e22d5db86d9f75083 source rpm(s): 8390dbcef0b58b3cca5141254f3af8ea SuSE-7.3: 6c5df7c177d88509aa10868142262868 source rpm(s): 8390dbcef0b58b3cca5141254f3af8ea SuSE-7.2: 5ff561010a642a26f92b1a491df6317c source rpm(s): 5430bf5ca7f79c16248024cbd6eb735a SuSE-7.2: 7afa785605e65106a3a250bd166ca2ef source rpm(s): 5430bf5ca7f79c16248024cbd6eb735a SuSE-7.1: 4208d6905aa7c7dd13de30aa945f1693 source rpm(s): d6c0a61d874869ee3927af3b58335ff4 SuSE-7.1: 03028dbcf99e6fe167a30cd9b2e6da0f sourcerpm(s): d6c0a61d874869ee3927af3b58335ff4 Sparc Platform: SuSE-7.3: ae638ffb875f53df64325e8e0a148807 source rpm(s): c6bdd14b370e0ca912e8ca7615580df0 SuSE-7.3: 846455cc24b212f7b7287332cababc06 source rpm(s): c6bdd14b370e0ca912e8ca7615580df0 AXP Alpha Platform: SuSE-7.1: 3789bb0a9411d85ec4514490f342a70f source rpm(s): c8dd2a18ccb249ed384df14359ba094e SuSE-7.1: fa61fea31359365d07ccf45a56b1ca80 source rpm(s): c8dd2a18ccb249ed384df14359ba094e PPC Power PC Platform: SuSE-7.3: f75b386d8894c98fd0fa534d3560abbe source rpm(s): 5a3b3ce95652b81efb738b59aec1a7e4 SuSE-7.3: 6d3cea579e658b66ea62c97d4c58ce17 source rpm(s): 5a3b3ce95652b81efb738b59aec1a7e4 SuSE-7.1: f097c1a2ce67b85cffb8f0076a6c09c3 source rpm(s): 9df0c47eb030905edeed919750aec9df SuSE-7.1: dc79a537365aae51c27d60dabb2615bf source rpm(s): 9df0c47eb030905edeed919750aec9df ______________________________________________________________________________ 2) Pending vulnerabilities in SuSE Distributions and Workarounds: - OpenSSL Update packages for the recently found weakness in the openssl package are available on our ftp servers. An announcement concerning this issue follows this announcement. - VNC VNC (Virtual Network Computing) uses a weak cookie generation process which can be exploited by an attacker to bypass authentication. New packages are currently being tested and will be available on our FTP servers soon. - w3m The textbased web-browser w3m does not properly escape HTML tags. A malicious HTML page or img alt attribute may lead to information leakage. New packages will be available soon. ______________________________________________________________________________ 3) standard appendix: authenticity verification, additional information - Package authenticity verification: SuSE update packages are available on many mirror ftp servers all over the world. While this service is being considered valuable and important to the free and open source software community, many users wish to be sure about the origin of the package and its content before installing the package. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or rpm package: 1) md5sums as provided in the (cryptographically signed) announcement. 2) using the internal gpg signatures of the rpm package. 1) execute the command md5sum after you downloaded the file from a SuSE ftp server or its mirrors. Then, compare the resulting md5sum with the one that is listed in the announcement. Since the announcement containing the checksums is cryptographically signed (usually using the key This email address is being protected from spambots. You need JavaScript enabled to view it. ), the checksums show proof of the authenticity of the package. We disrecommend to subscribe to security lists which cause the email message containing the announcement to be modified so that the signature does not match after transport through the mailing list software. Downsides: You must be able to verify the authenticity of the announcement in the first place. If RPM packages are being rebuilt and a new version of a package is published on the ftp server, all md5 sums for the files are useless. 2) rpm package signatures provide an easy way to verify the authenticity of an rpm package. Use the command rpm -v --checksig to verify the signature of the package, where is the filename of the rpm package that you have downloaded. Of course, package authenticity verification can only target an un-installed rpm package file. Prerequisites: a) gpg isinstalled b) The package is signed using a certain key. The public part of this key must be installed by the gpg program in the directory ~/.gnupg/ under the user's home directory who performs the signature verification (usually root). You can import the key that is used by SuSE in rpm packages for SuSE Linux by saving this announcement to a file ("announcement.txt") and running the command (do "su -" to be root): gpg --batch; gpg < announcement.txt | gpg --import SuSE Linux distributions version 7.1 and thereafter install the key " This email address is being protected from spambots. You need JavaScript enabled to view it. " upon installation or upgrade, provided that the package gpg is installed. The file containing the public key is placed at the top-level directory of the first CD (pubring.gpg) and at . - SuSE runs two security mailing lists to which any interested party may subscribe: This email address is being protected from spambots. You need JavaScript enabled to view it. - general/linux/SuSE security discussion. All SuSE security announcements are sent to this list. To subscribe, send an email to . This email address is being protected from spambots. You need JavaScript enabled to view it. - SuSE's announce-only mailing list. Only SuSE's security announcements are sent to this list. To subscribe, send an email to . For general information or the frequently asked questions (faq) send mail to: or respectively. ==================================================================== SuSE's security contact is or . The public key is listed below. ====================================================================______________________________________________________________________________ The information in this advisory may be distributed or reproduced, provided that the advisory is not modified in any way. In particular, it is desired that the clear-text signature shows proof of the authenticity of the text. SuSE Linux AG makes no warranties of any kind whatsoever with respect to the information contained in this security advisory. Type Bits/KeyID Date User ID pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key . Libmcrypt is vulnerable to buffer overflow risks, allowing for local privilege escalation and possible denial-of-service problems. Timely updates are essential to fix these threats. Libmcrypt Update, Buffer Overflow Advisory, SuSE Security Alert. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Feb 26, 2003 Low SuSE
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorybuffer overflowcritical

Ubuntu: DSA 229-2 Important: libz Buffer Overflow and Input Validation

There are multiple vulnerabilities in libmcrypt including a buffer overflow and a memory leak.. -------------------------------------------------------------------------- Debian Security Advisory DSA 228-1 This email address is being protected from spambots. You need JavaScript enabled to view it. Debian -- Security Information Martin Schulze January 14th, 2003 Debian -- Debian security FAQ -------------------------------------------------------------------------- Package : libmcrypt Vulnerability : buffer overflows and memory leak Problem-type : remote Debian-specific: no CVE Id : CAN-2003-0031 CAN-2003-0032 Ilia Alshanetsky discovered several buffer overflows in libmcrypt, a decryption and encryption library, that originates in from improper or lacking input validation. By passing input which is longer then expected to a number of functions (multiple functions are affected) the user can successful make libmcrypt crash and may be able to insert arbitrary, malicious, code which will be executed under the user libmcrypt runs as, e.g. inside a web server. Another vulnerability exists in the way libmcrypt loads algorithms via libtool. When different algorithms are loaded dynamically, each time an algorithm is loaded a small part of memory is leaked. In a persistant enviroment (web server) this could lead to a memory exhaustion attack that will exhaust all avaliable memory by launching repeated requests at an application utilizing the mcrypt library. For the current stable distribution (woody) this problem has been fixed in version 2.5.0-1woody1. The old stable distribution (potato) does not contain libmcrypt packages. For the unstable distribution (sid) these problems have been fixed in version 2.5.5-1. We recommend that you upgrade your libmcrypt packages. Upgrade Instructions -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the linefor sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody -------------------------------- Source archives: Size/MD5 checksum: 599 d8db647ab3b129e238b9521c6d1eeaec Size/MD5 checksum: 3374 fa752fede70fcbe88e690fe084edbe47 Size/MD5 checksum: 498937 0d67938f9992f7ebd9906b128e2efd88 Alpha architecture: Size/MD5 checksum: 510288 1facd4af685e1131ff7806a26a5be349 Size/MD5 checksum: 169358 194c71dc0913bc321164ece862c13d1d ARM architecture: Size/MD5 checksum: 353544 b2e380c03a7c3400aa8eed3df460de39 Size/MD5 checksum: 113614 e09f582ffdbd6194ddc21584574d3f15 Intel IA-32 architecture: Size/MD5 checksum: 300576 940ad919f58bcf5e63aa2ae5d82dfc81 Size/MD5 checksum: 109618 f7aca58ac7f137b9c4a5cb30c0aa3348 Intel IA-64 architecture: Size/MD5 checksum: 365776 e18bdeea760929e2120544f2b264d42e Size/MD5 checksum: 189900 25875c90c0b2c2019208185c9e30afca HP Precision architecture: Size/MD5 checksum: 407922 70dc6f762134a61ad5732812abffad75 Size/MD5 checksum: 132796 c3c6a6e01be6f31c133a1224373a4a7f Motorola 680x0 architecture: Size/MD5 checksum: 310176 a7a5760c2398060612eb79a80562c8c6 Size/MD5 checksum: 110704 b4a557f582e2af90f85107748e786d43 Big endian MIPS architecture: Size/MD5 checksum: 385604 9761cbfc9ef7328f9820f49f4a2edc38 Size/MD5 checksum: 122324 d4c774942019642efa35236a59d425a9 Little endian MIPS architecture: Size/MD5 checksum: 366450 3c0dcc1a9b2c5e0b3cddbff75505226e Size/MD5 checksum: 120550 24cf66a1951f3a41ab473f09d63babbf PowerPC architecture: Size/MD5 checksum: 380250 45e7571557368b2171947aa1b58e70ee Size/MD5 checksum: 116298 be1d6ae14bb2502d89fda6998fa3d987 IBM S/390 architecture: Size/MD5 checksum: 371686 34cf7bc605ab0b7491032ecaab5b120c Size/MD5 checksum: 120802 bee501cf9ecdab88fbe95bb78f667ded Sun Sparc architecture: Size/MD5 checksum: 376994 ff79d1e9fc1ac1ee836b7293a1132b8e Size/MD5 checksum: 138610 620679999223d76bd35f3fca0ee5c954 These files will probably be moved into the stable distribution on its next revision. --------------------------------------------------------------------------------- For apt-get: deb Debian -- Security Information stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. Package info: `apt-cache show ' and https://www.debian.org/distrib/packages . Numerous vulnerabilities in libmcrypt could lead to heap corruption and data exposure. It is recommended to execute an update for improved protection.. libmcrypt buffer exploits, secure package management, debian security guide. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jan 14, 2003 Important Debian
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here