
Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

Debian 9 DLA-2431-2 Moderate: libonig Buffer Overflow Reversion

-------------------------------------------------------------------------
Debian LTS Advisory DLA-2431-2
https://www.debian.org/lts/security/
Markus Koschany
January 30, 2021
https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : libonig
Version : 6.1.3-2+deb9u2
CVE ID : CVE-2020-26159

It was discovered that CVE-2020-26159 in the Oniguruma regular expressions library, notably used in PHP mbstring, was a false-positive. In consequence the patch for CVE-2020-26159 was reverted. For reference, the original advisory text follows.

CVE-2020-26159

In Oniguruma an attacker able to supply a regular expression for compilation may be able to overflow a buffer by one byte in concat_opt_exact_str in src/regcomp.c.

For Debian 9 stretch, this problem has been fixed in version 6.1.3-2+deb9u2.

We recommend that you upgrade your libonig packages.

For the detailed security status of libonig please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/libonig

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

LinuxSecurity.com Team

Jan 30, 2021 Debian LTS

Ubuntu 14.04 ESM: USN-4460-1 Moderate: libonig Denial Of Service Threat

=========================================================================
Ubuntu Security Notice USN-4460-1
August 17, 2020

libonig vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 ESM

Summary:

Several security issues were fixed in Oniguruma.

Software Description:

- libonig: regular expressions library

Details:

It was discovered that Oniguruma incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service, obtain sensitive information or other unspecified impact. (CVE-2019-16163, CVE-2019-19012, CVE-2019-19204, CVE-2019-19246)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 ESM:
libonig2 5.9.1-1ubuntu1.1+esm2

In general, a standard system update will make all the necessary changes.

References:

https://ubuntu.com/security/notices/USN-4460-1
CVE-2019-16163, CVE-2019-19012, CVE-2019-19204, CVE-2019-19246

LinuxSecurity.com Team

Aug 17, 2020 Ubuntu

Debian 8 LTS DLA-2020-1 Moderate: libonig Denial Of Service

Package : libonig
Version : 5.9.5-3.2+deb8u4
CVE ID : CVE-2019-19012 CVE-2019-19204 CVE-2019-19246
Debian Bug : 944959 945313

Several vulnerabilities were discovered in the Oniguruma regular expressions library, notably used in PHP mbstring.

CVE-2019-19012

An integer overflow in the search_in_range function in regexec.c leads to an out-of-bounds read, in which the offset of this read is under the control of an attacker. (This only affects the 32-bit compiled version). Remote attackers can cause a denial-of-service or information disclosure, or possibly have unspecified other impact, via a crafted regular expression.

CVE-2019-19204

In the function fetch_range_quantifier in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read and leads to denial-of-service via a crafted regular expression.

CVE-2019-19246

Heap-based buffer over-read in str_lower_case_match in regexec.c can lead to denial-of-service via a crafted regular expression.

For Debian 8 "Jessie", these problems have been fixed in version 5.9.5-3.2+deb8u4.

We recommend that you upgrade your libonig packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

LinuxSecurity.com Team

Dec 04, 2019 Debian LTS

Debian: DLA-1918-1 Moderate: Libonig Stack Exhaustion Issue

Package : libonig
Version : 5.9.5-3.2+deb8u3
CVE ID : CVE-2019-16163
Debian Bug : 939988

The Oniguruma regular expressions library, notably used in PHP mbstring, is vulnerable to stack exhaustion. A crafted regular expression can crash the process.

For Debian 8 "Jessie", this problem has been fixed in version 5.9.5-3.2+deb8u3.

We recommend that you upgrade your libonig packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

LinuxSecurity.com Team

Sep 12, 2019 Debian LTS

Debian: DLA-958-1 Critical: Libonig Stack Overflow and DoS Threats

Package : libonig
Version : 5.9.1-1+deb7u1
CVE ID : CVE-2017-9224 CVE-2017-9226 CVE-2017-9227 CVE-2017-9228 CVE-2017-9229
Debian Bug : 863312 863314 863315 863316 863318

CVE-2017-9224

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in match_at() during regular expression searching. A logical error involving order of validation and access in match_at() could result in an out-of-bounds read from a stack buffer.

CVE-2017-9226

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. Octal numbers larger than 0xff are not handled correctly in fetch_token() and fetch_token_in_cc(). A malformed regular expression containing an octal number in the form of '\700' would produce an invalid code point value larger than 0xff in next_state_val(), resulting in an out-of-bounds write memory corruption.

CVE-2017-9227

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbc_enc_len() during regular expression searching. Invalid handling of reg->dmin in forward_search_range() could result in an invalid pointer dereference, as an out-of-bounds read from a stack buffer.

CVE-2017-9228

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitset_set_range() during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect state transition in parse_char_class() could create an execution path that leaves a critical local variable uninitialized until it's used as an index, resulting in an out-of-bounds write memory corruption.

CVE-2017-9229

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in left_adjust_char_head() during regular expression compilation. Invalid handling of reg->dmax in forward_search_range() could result in an invalid pointer dereference, normally as an immediate denial-of-service condition.

For Debian 7 "Wheezy", these problems have been fixed in version 5.9.1-1+deb7u1.

We recommend that you upgrade your libonig packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

LinuxSecurity.com Team

May 28, 2017 Critical Debian LTS