==========================================================================
Ubuntu Security Notice USN-7398-1
March 31, 2025

libtar vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in libtar.

Software Description:
- libtar: C library for manipulating tar archives (development files)

Details:

It was discovered that libtar may perform out-of-bounds reads when
processing specially crafted tar files. An attacker could possibly use
this issue to cause libtar to crash, resulting in a denial of service, or
execute arbitrary code. (CVE-2021-33643, CVE-2021-33644)

It was discovered that libtar contained a memory leak due to failing to
free a variable, causing performance degradation. An attacker could
possibly use this issue to cause libtar to crash, resulting in a denial of
service. (CVE-2021-33645, CVE-2021-33646)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.10
  libtar-dev    1.2.20-8.1ubuntu0.24.10.1
  libtar0t64    1.2.20-8.1ubuntu0.24.10.1

Ubuntu 24.04 LTS
  libtar-dev    1.2.20-8.1ubuntu0.24.04.1
  libtar0t64    1.2.20-8.1ubuntu0.24.04.1

Ubuntu 22.04 LTS
  libtar-dev    1.2.20-8ubuntu0.22.04.1
  libtar0       1.2.20-8ubuntu0.22.04.1

Ubuntu 20.04 LTS
  libtar-dev    1.2.20-8ubuntu0.20.04.1
  libtar0       1.2.20-8ubuntu0.20.04.1

Ubuntu 18.04 LTS
  libtar-dev    1.2.20-7ubuntu0.1~esm1
                Available with Ubuntu Pro
  libtar0       1.2.20-7ubuntu0.1~esm1
                Available with Ubuntu Pro

Ubuntu 16.04 LTS
  libtar-dev    1.2.20-4ubuntu0.1~esm1
                Available with Ubuntu Pro
  libtar0       1.2.20-4ubuntu0.1~esm1
                Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7398-1
  CVE-2021-33643, CVE-2021-33644, CVE-2021-33645, CVE-2021-33646

Package Information:
  https://launchpad.net/ubuntu/+source/libtar/1.2.20-8.1ubuntu0.24.10.1
  https://launchpad.net/ubuntu/+source/libtar/1.2.20-8.1ubuntu0.24.04.1
  https://launchpad.net/ubuntu/+source/libtar/1.2.20-8ubuntu0.22.04.1
  https://launchpad.net/ubuntu/+source/libtar/1.2.20-8ubuntu0.20.04.1

Multiple security issues in libtar can lead to denial of service and
out-of-bounds read vulnerabilities. Updates available.
Severity: Critical (LinuxSecurity.com Team)
-------------------------------------------------------------------------
Debian LTS Advisory DLA-4033-1
-------------------------------------------------------------------------

Multiple vulnerabilities have been fixed in libtar, a library for
manipulating tar archives.

CVE-2021-33643
====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: libtar security update
Advisory ID:       RHSA-2023:2898-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2898
Issue date:        2023-05-16
CVE Names:         CVE-2021-33643 CVE-2021-33644 CVE-2021-33645
                   CVE-2021-33646
====================================================================

1. Summary:

An update for libtar is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

The libtar packages contain a C library for manipulating tar archives. The
library supports both the strict POSIX tar format and many of the commonly
used GNU extensions.

Security Fix(es):

* libtar: out-of-bounds read in gnu_longlink (CVE-2021-33643)
* libtar: out-of-bounds read in gnu_longname (CVE-2021-33644)
* libtar: memory leak found in th_read() function (CVE-2021-33645)
* libtar: memory leak found in th_read() function (CVE-2021-33646)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.8 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2121289 - CVE-2021-33643 libtar: out-of-bounds read in gnu_longlink
2121292 - CVE-2021-33644 libtar: out-of-bounds read in gnu_longname
2121295 - CVE-2021-33645 libtar: memory leak found in th_read() function
2121297 - CVE-2021-33646 libtar: memory leak found in th_read() function

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
libtar-1.2.20-17.el8.src.rpm

aarch64:
libtar-1.2.20-17.el8.aarch64.rpm
libtar-debuginfo-1.2.20-17.el8.aarch64.rpm
libtar-debugsource-1.2.20-17.el8.aarch64.rpm

ppc64le:
libtar-1.2.20-17.el8.ppc64le.rpm
libtar-debuginfo-1.2.20-17.el8.ppc64le.rpm
libtar-debugsource-1.2.20-17.el8.ppc64le.rpm

s390x:
libtar-1.2.20-17.el8.s390x.rpm
libtar-debuginfo-1.2.20-17.el8.s390x.rpm
libtar-debugsource-1.2.20-17.el8.s390x.rpm

x86_64:
libtar-1.2.20-17.el8.i686.rpm
libtar-1.2.20-17.el8.x86_64.rpm
libtar-debuginfo-1.2.20-17.el8.i686.rpm
libtar-debuginfo-1.2.20-17.el8.x86_64.rpm
libtar-debugsource-1.2.20-17.el8.i686.rpm
libtar-debugsource-1.2.20-17.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-33643
https://access.redhat.com/security/cve/CVE-2021-33644
https://access.redhat.com/security/cve/CVE-2021-33645
https://access.redhat.com/security/cve/CVE-2021-33646
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.
MGASA-2022-0488 - Updated libtar packages fix security vulnerability

Publication date: 30 Dec 2022
URL: https://advisories.mageia.org/MGASA-2022-0488.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2021-33640

After tar_close(), libtar.c releases the memory pointed to by pointer t.
After tar_close() is called in the list() function, it continues to use
pointer t: free_longlink_longname(t->th_buf). As a result, the released
memory is used (use-after-free). (CVE-2021-33640)

References:
- https://bugs.mageia.org/show_bug.cgi?id=31337
- https://lists.fedoraproject.org/archives/list/
MGASA-2022-0335 - Updated libtar packages fix security vulnerability

Publication date: 16 Sep 2022
URL: https://advisories.mageia.org/MGASA-2022-0335.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2021-33643, CVE-2021-33644, CVE-2021-33645, CVE-2021-33646

An attacker who submits a crafted tar file with the size in the header
struct being 0 may be able to trigger a call to malloc(0) for the variable
gnu_longlink, causing an out-of-bounds read. (CVE-2021-33643)

An attacker who submits a crafted tar file with the size in the header
struct being 0 may be able to trigger a call to malloc(0) for the variable
gnu_longname, causing an out-of-bounds read. (CVE-2021-33644)

The th_read() function doesn't free the variable t->th_buf.gnu_longlink
after allocating memory, which may cause a memory leak. (CVE-2021-33645)

The th_read() function doesn't free the variable t->th_buf.gnu_longname
after allocating memory, which may cause a memory leak. (CVE-2021-33646)

References:
- https://bugs.mageia.org/show_bug.cgi?id=30821
- https://lists.fedoraproject.org/archives/list/
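The two Mageia advisories above describe three defensive properties a GNU long name/link reader needs: reject a zero-length 'L'/'K' entry before allocating (the malloc(0) condition behind CVE-2021-33643/33644), release any previously held gnu_longname/gnu_longlink buffer before storing a new one (the th_read() leak behind CVE-2021-33645/33646), and free those buffers before the handle that owns them is closed (the tar_close()/free_longlink_longname() ordering behind CVE-2021-33640). The following is an added, self-contained example written for this page; it is not libtar's code and does not reproduce its fix. The struct layout, the MAX_LONG_ENTRY cap and every function name except those quoted from the advisories are assumptions chosen for illustration.

```c
/* Added example: hardened handling of GNU 'L' (long name) / 'K' (long link)
 * tar entries. Not libtar source; a simplified reconstruction for teaching. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define T_BLOCKSIZE        512
#define GNU_LONGNAME_TYPE  'L'
#define GNU_LONGLINK_TYPE  'K'
#define MAX_LONG_ENTRY     (64 * 1024)   /* assumed sanity cap, not from libtar */

/* Simplified header: only the fields this example reads, plus the two owned
 * heap buffers the advisories call th_buf.gnu_longname / gnu_longlink.
 * The layout is not byte-accurate to a real 512-byte tar header. */
struct tar_header {
    char name[100];
    char size[12];        /* NUL/space terminated octal string */
    char typeflag;
    char *gnu_longname;   /* heap, owned by this header */
    char *gnu_longlink;   /* heap, owned by this header */
};

/* Parse the octal size field; -1 on malformed input. */
static long th_get_size(const struct tar_header *h)
{
    char buf[13];
    memcpy(buf, h->size, sizeof h->size);
    buf[12] = '\0';
    char *end;
    errno = 0;
    long v = strtol(buf, &end, 8);
    if (errno != 0 || end == buf || v < 0) return -1;
    return v;
}

/* Read the data block(s) that follow an 'L'/'K' header out of an in-memory
 * archive slice. Returns 0 on success, -1 if the entry is rejected.
 * Hardened points: size 0 (and oversized or truncated entries) are refused
 * before any allocation, and the previous buffer is freed before a new one
 * is stored, so repeated long entries cannot leak. */
int read_gnu_long_entry(struct tar_header *h,
                        const unsigned char *data, size_t data_len)
{
    char **slot = (h->typeflag == GNU_LONGNAME_TYPE) ? &h->gnu_longname
                : (h->typeflag == GNU_LONGLINK_TYPE) ? &h->gnu_longlink : NULL;
    if (!slot) return -1;                          /* not a long entry */

    long sz = th_get_size(h);
    if (sz <= 0 || sz > MAX_LONG_ENTRY) return -1; /* refuses malloc(0) */

    size_t blocks = ((size_t)sz + T_BLOCKSIZE - 1) / T_BLOCKSIZE;
    if (blocks * T_BLOCKSIZE > data_len) return -1; /* truncated archive */

    char *buf = malloc((size_t)sz + 1);
    if (!buf) return -1;
    memcpy(buf, data, (size_t)sz);
    buf[sz] = '\0';

    free(*slot);   /* release an earlier 'L'/'K' entry instead of leaking it */
    *slot = buf;
    return 0;
}

void free_longlink_longname(struct tar_header *h)
{
    free(h->gnu_longname); h->gnu_longname = NULL;
    free(h->gnu_longlink); h->gnu_longlink = NULL;
}

/* Owner handle; tar_close() frees it. Long buffers must be released BEFORE
 * tar_close(), since touching t->th_buf afterwards is the use-after-free
 * pattern the advisory describes in list(). */
struct tar_handle { struct tar_header th_buf; };
void tar_close(struct tar_handle *t) { free(t); }
void close_archive(struct tar_handle *t)
{
    free_longlink_longname(&t->th_buf);   /* first: buffers */
    tar_close(t);                         /* then: the handle itself */
}

/* Constructed test header, not taken from any real archive. */
static void make_long_header(struct tar_header *h, char type, const char *octal_size)
{
    memset(h, 0, sizeof *h);
    memcpy(h->name, "././@LongLink", 13);
    h->typeflag = type;
    memcpy(h->size, octal_size, strlen(octal_size));
}

/* Self-check 1: an 'L' header with size 0 is rejected and nothing is allocated. */
int demo_zero_size_rejected(void)
{
    struct tar_header h;
    unsigned char data[T_BLOCKSIZE] = {0};
    make_long_header(&h, GNU_LONGNAME_TYPE, "00000000000");
    return read_gnu_long_entry(&h, data, sizeof data) == -1 && h.gnu_longname == NULL;
}

/* Self-check 2: a valid entry (octal 14 = 12 bytes) is read, a second one
 * replaces it without leaking, and the buffers are released cleanly. */
int demo_longname_lifecycle(void)
{
    struct tar_header h;
    unsigned char data[T_BLOCKSIZE] = {0};
    memcpy(data, "hello_world!", 12);
    make_long_header(&h, GNU_LONGNAME_TYPE, "00000000014");
    if (read_gnu_long_entry(&h, data, sizeof data) != 0) return 0;
    if (strcmp(h.gnu_longname, "hello_world!") != 0) return 0;
    if (read_gnu_long_entry(&h, data, sizeof data) != 0) return 0; /* replaces */
    free_longlink_longname(&h);
    return h.gnu_longname == NULL && h.gnu_longlink == NULL;
}

int main(void)
{
    printf("zero-size rejected: %s\n", demo_zero_size_rejected() ? "ok" : "FAIL");
    printf("lifecycle:          %s\n", demo_longname_lifecycle() ? "ok" : "FAIL");
    return 0;
}
```

Running the block under a leak checker (for example `valgrind --leak-check=full` or an ASan build) is the practical way to confirm the second property; the size check alone does not exercise it.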
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-44a20bba43
2022-09-12 17:36:48.817631
--------------------------------------------------------------------------------
Name        : libtar
Product     : Fedora 37
Version     : 1.2.20
Release     : 25.fc37
URL         : https://repo.or.cz/libtar.git
Summary     : Tar file manipulation API
Description :
libtar is a C library for manipulating tar archives. It supports both the
strict POSIX tar format and many of the commonly-used GNU extensions.
--------------------------------------------------------------------------------
Update Information:

- fix memory leaks through gnu_long{name,link} (CVE-2021-33645 CVE-2021-33646)
- fix out-of-bounds read in gnu_long{name,link} (CVE-2021-33643 CVE-2021-33644)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 26 2022 Kamil Dudka - 1.2.20-25
- fix memory leaks through gnu_long{name,link} (CVE-2021-33645 CVE-2021-33646)
- fix out-of-bounds read in gnu_long{name,link} (CVE-2021-33643 CVE-2021-33644)
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-44a20bba43' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-fe1a4e3cf0
2022-09-04 22:56:03.503986
--------------------------------------------------------------------------------
Name        : libtar
Product     : Fedora 35
Version     : 1.2.20
Release     : 25.fc35
URL         : https://repo.or.cz/libtar.git
Summary     : Tar file manipulation API
Description :
libtar is a C library for manipulating tar archives. It supports both the
strict POSIX tar format and many of the commonly-used GNU extensions.
--------------------------------------------------------------------------------
Update Information:

- fix memory leaks through gnu_long{name,link} (CVE-2021-33645 CVE-2021-33646)
- fix out-of-bounds read in gnu_long{name,link} (CVE-2021-33643 CVE-2021-33644)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 26 2022 Kamil Dudka - 1.2.20-25
- fix memory leaks through gnu_long{name,link} (CVE-2021-33645 CVE-2021-33646)
- fix out-of-bounds read in gnu_long{name,link} (CVE-2021-33643 CVE-2021-33644)
* Thu Jul 21 2022 Fedora Release Engineering - 1.2.20-24
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu Jan 20 2022 Fedora Release Engineering - 1.2.20-23
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-fe1a4e3cf0' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-50e8a1b51d
2022-09-04 22:43:39.751430
--------------------------------------------------------------------------------
Name        : libtar
Product     : Fedora 36
Version     : 1.2.20
Release     : 25.fc36
URL         : https://repo.or.cz/libtar.git
Summary     : Tar file manipulation API
Description :
libtar is a C library for manipulating tar archives. It supports both the
strict POSIX tar format and many of the commonly-used GNU extensions.
--------------------------------------------------------------------------------
Update Information:

- fix memory leaks through gnu_long{name,link} (CVE-2021-33645 CVE-2021-33646)
- fix out-of-bounds read in gnu_long{name,link} (CVE-2021-33643 CVE-2021-33644)
--------------------------------------------------------------------------------
ChangeLog:

* Fri Aug 26 2022 Kamil Dudka - 1.2.20-25
- fix memory leaks through gnu_long{name,link} (CVE-2021-33645 CVE-2021-33646)
- fix out-of-bounds read in gnu_long{name,link} (CVE-2021-33643 CVE-2021-33644)
* Thu Jul 21 2022 Fedora Release Engineering - 1.2.20-24
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-50e8a1b51d' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------