
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Mageia 9 MGASA-2023-0325 moderate: lilypond code execution threat

MGASA-2023-0325 - Updated lilypond packages fix a security vulnerability

Publication date: 27 Nov 2023
URL: https://advisories.mageia.org/MGASA-2023-0325.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2020-17354

Updated lilypond packages fix a security vulnerability: LilyPond before 2.24 allows attackers to bypass the -dsafe protection mechanism via output-def-lookup or output-def-scope, as demonstrated by dangerous Scheme code in a .ly file that causes arbitrary code execution during conversion to a different file format. NOTE: in 2.24 and later versions, safe mode is removed, and the product no longer tries to block code execution when external files are used.

References:
- https://bugs.mageia.org/show_bug.cgi?id=31889
- https://www.cve.org/CVERecord?id=CVE-2020-17354

SRPMS:
- 9/core/lilypond-2.24.2-2.mga9

Mageia has issued a security patch for lilypond addressing a flaw that might enable unauthorized execution of code, posing a risk of system compromise.

LinuxSecurity.com Team

Nov 27, 2023 | Mageia

openSUSE: 2023:0137-1 Important: Guile1 and Lilypond Fix

openSUSE Security Update: Security update for guile1, lilypond

Announcement ID: openSUSE-SU-2023:0137-1
Rating: important
References: #1210502
Cross-References: CVE-2016-8605 CVE-2020-17354
CVSS scores:
- CVE-2016-8605 (NVD): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
- CVE-2020-17354 (NVD): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected Products: openSUSE Backports SLE-15-SP4

An update that fixes two vulnerabilities is now available.

Description:

This update for guile1, lilypond fixes the following issues:

guile1:
- Add service file to download release from git excluding the directory with commercial non free files.
- Update to version 2.2.6 to enable lilypond to be updated to 2.24.1 to fix boo#1210502 and CVE-2020-17354.

lilypond:
- Update to version lilypond-2.24.1 to fix boo#1210502 - CVE-2020-17354: lilypond: Lilypond allows attackers to bypass the -dsafe protection mechanism.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP4: zypper in -t patch openSUSE-2023-137=1

Package List:

- openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64):
  guile1-2.2.6-bp154.3.3.1
  guile1-modules-2_2-2.2.6-bp154.3.3.1
  libguile-2_2-1-2.2.6-bp154.3.3.1
  libguile1-devel-2.2.6-bp154.3.3.1
- openSUSE Backports SLE-15-SP4 (aarch64 ppc64le s390x x86_64):
  lilypond-2.24.1-bp154.2.3.2
  lilypond-debuginfo-2.24.1-bp154.2.3.2
  lilypond-debugsource-2.24.1-bp154.2.3.2
- openSUSE Backports SLE-15-SP4 (noarch):
  lilypond-doc-2.24.1-bp154.2.3.2
  lilypond-doc-cs-2.24.1-bp154.2.3.2
  lilypond-doc-de-2.24.1-bp154.2.3.2
  lilypond-doc-es-2.24.1-bp154.2.3.2
  lilypond-doc-fr-2.24.1-bp154.2.3.2
  lilypond-doc-hu-2.24.1-bp154.2.3.2
  lilypond-doc-it-2.24.1-bp154.2.3.2
  lilypond-doc-ja-2.24.1-bp154.2.3.2
  lilypond-doc-nl-2.24.1-bp154.2.3.2
  lilypond-doc-zh-2.24.1-bp154.2.3.2
  lilypond-emmentaler-fonts-2.24.1-bp154.2.3.2
  lilypond-fonts-common-2.24.1-bp154.2.3.2

References:
- https://www.suse.com/security/cve/CVE-2016-8605.html
- https://www.suse.com/security/cve/CVE-2020-17354.html
- https://bugzilla.suse.com/1210502

Crucial openSUSE security patches rectify vulnerabilities in guile2 and lilypond, enhancing system protection.

LinuxSecurity.com Team

Jun 27, 2023 | Important | OpenSUSE

Fedora 37: FEDORA-2023-fb8bc496c2 Critical: LilyPond Bypass Fix

Fedora Update Notification
FEDORA-2023-fb8bc496c2
2023-04-26 01:41:45.729436

Name: lilypond-doc
Product: Fedora 37
Version: 2.24.1
Release: 1.fc37
URL: https://lilypond.org
Summary: HTML documentation for LilyPond
Description: LilyPond is an automated music engraving system. It formats music beautifully and automatically, and has a friendly syntax for its input files. This package contains the HTML documentation for LilyPond.

Update Information:

Fix for CVE-2020-17354

ChangeLog:

* Mon Apr 17 2023 Gwyn Ciesla - 2.24.1-1
- 2.24.1

References:

[ 1 ] Bug #2187167 - CVE-2020-17354 lilypond: Lilypond allows attackers to bypass the -dsafe protection mechanism [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2187167

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-fb8bc496c2' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/

LinuxSecurity.com Team

Apr 26, 2023 | Critical | Fedora

Fedora 37: 2023-04-26 Security Advisory for Lilypond DoS

Fedora Update Notification
FEDORA-2023-fb8bc496c2
2023-04-26 01:41:45.729436

Name: lilypond
Product: Fedora 37
Version: 2.24.1
Release: 1.fc37
URL: https://lilypond.org
Summary: A typesetting system for music notation
Description: LilyPond is an automated music engraving system. It formats music beautifully and automatically, and has a friendly syntax for its input files.

Update Information:

Fix for CVE-2020-17354

ChangeLog:

* Mon Apr 17 2023 Gwyn Ciesla - 2.24.1-1
- 2.24.1

References:

[ 1 ] Bug #2187167 - CVE-2020-17354 lilypond: Lilypond allows attackers to bypass the -dsafe protection mechanism [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2187167

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-fb8bc496c2' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/

Resolution for LilyPond counteracting CVE-2020-17354 in Fedora 37 bolstering music score protection.

LinuxSecurity.com Team

Apr 26, 2023 | Important | Fedora

Mageia 7 MGASA-2020-0414 Moderate: Lilypond Arbitrary Code Execution

MGASA-2020-0414 - Updated lilypond package fixes a security vulnerability

Publication date: 13 Nov 2020
URL: https://advisories.mageia.org/MGASA-2020-0414.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-17353

It was discovered that Lilypond, a program for typesetting sheet music, did not restrict the inclusion of Postscript and SVG commands when operating in safe mode, which could result in the execution of arbitrary code when rendering a typesheet file with embedded Postscript code. (CVE-2020-17353)

References:
- https://bugs.mageia.org/show_bug.cgi?id=27174
- https://lists.debian.org/debian-security-announce/2020/msg00163.html
- https://lists.fedoraproject.org/archives/list/[address obscured]/thread/QG2JUV4UTIA27JUE6IZLCEFP5PYSFPF4/
- https://www.cve.org/CVERecord?id=CVE-2020-17353

SRPMS:
- 7/core/lilypond-2.19.83-1.1.mga7

LinuxSecurity.com Team

Nov 13, 2020 | Mageia

openSUSE: 2020:1506-1 Moderate: LilyPond Embedded-PS Issue

openSUSE Security Update: Security update for lilypond

Announcement ID: openSUSE-SU-2020:1506-1
Rating: moderate
References: #1174949
Cross-References: CVE-2020-17353
Affected Products: openSUSE Backports SLE-15-SP2

An update that fixes one vulnerability is now available.

Description:

This update for lilypond fixes the following issues:

- CVE-2020-17353: When -dsafe is used, LilyPond lacks restrictions on embedded-ps and embedded-svg (boo#1174949).

This update was imported from the openSUSE:Leap:15.2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP2: zypper in -t patch openSUSE-2020-1506=1

Package List:

- openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):
  lilypond-2.20.0-bp152.2.8.1
- openSUSE Backports SLE-15-SP2 (noarch):
  lilypond-emmentaler-fonts-2.20.0-bp152.2.8.1
  lilypond-fonts-common-2.20.0-bp152.2.8.1
  lilypond-texgy-fonts-2.20.0-bp152.2.8.1

References:
- https://www.suse.com/security/cve/CVE-2020-17353.html
- https://bugzilla.suse.com/1174949

openSUSE Security Patch addresses a moderate flaw in LilyPond stemming from inadequate processing of embedded-ps.

LinuxSecurity.com Team

Sep 22, 2020 | OpenSUSE

openSUSE Leap 15.2: openSUSE-SU-2020:1453-1 Moderate: Lilypond Issue

openSUSE Security Update: Security update for lilypond

Announcement ID: openSUSE-SU-2020:1453-1
Rating: moderate
References: #1174949
Cross-References: CVE-2020-17353
Affected Products: openSUSE Leap 15.2, openSUSE Backports SLE-15-SP2

An update that fixes one vulnerability is now available.

Description:

This update for lilypond fixes the following issues:

- CVE-2020-17353: When -dsafe is used, LilyPond lacks restrictions on embedded-ps and embedded-svg (boo#1174949).

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2: zypper in -t patch openSUSE-2020-1453=1
- openSUSE Backports SLE-15-SP2: zypper in -t patch openSUSE-2020-1453=1

Package List:

- openSUSE Leap 15.2 (noarch):
  lilypond-doc-2.20.0-lp152.2.5.10
  lilypond-doc-cs-2.20.0-lp152.2.5.10
  lilypond-doc-de-2.20.0-lp152.2.5.10
  lilypond-doc-es-2.20.0-lp152.2.5.10
  lilypond-doc-fr-2.20.0-lp152.2.5.10
  lilypond-doc-hu-2.20.0-lp152.2.5.10
  lilypond-doc-it-2.20.0-lp152.2.5.10
  lilypond-doc-ja-2.20.0-lp152.2.5.10
  lilypond-doc-nl-2.20.0-lp152.2.5.10
  lilypond-doc-zh-2.20.0-lp152.2.5.10
  lilypond-emmentaler-fonts-2.20.0-lp152.2.5.10
  lilypond-fonts-common-2.20.0-lp152.2.5.10
  lilypond-texgy-fonts-2.20.0-lp152.2.5.10
- openSUSE Leap 15.2 (x86_64):
  lilypond-2.20.0-lp152.2.5.10
  lilypond-debuginfo-2.20.0-lp152.2.5.10
  lilypond-debugsource-2.20.0-lp152.2.5.10
- openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):
  lilypond-2.20.0-bp152.2.5.6
  lilypond-debuginfo-2.20.0-bp152.2.5.6
  lilypond-debugsource-2.20.0-bp152.2.5.6
- openSUSE Backports SLE-15-SP2 (noarch):
  lilypond-emmentaler-fonts-2.20.0-bp152.2.5.6
  lilypond-fonts-common-2.20.0-bp152.2.5.6
  lilypond-texgy-fonts-2.20.0-bp152.2.5.6

References:
- https://www.suse.com/security/cve/CVE-2020-17353.html
- https://bugzilla.suse.com/1174949

LinuxSecurity.com Team

Sep 19, 2020 | OpenSUSE

Debian: DSA-4756-1 Critical: Lilypond Arbitrary Code Execution Risk

Debian Security Advisory DSA-4756-1
https://www.debian.org/security/
Moritz Muehlenhoff
August 29, 2020
https://www.debian.org/security/faq

Package: lilypond
CVE ID: CVE-2020-17353

Faidon Liambotis discovered that Lilypond, a program for typesetting sheet music, did not restrict the inclusion of Postscript and SVG commands when operating in safe mode, which could result in the execution of arbitrary code when rendering a typesheet file with embedded Postscript code.

For the stable distribution (buster), this problem has been fixed in version 2.19.81+really-2.18.2-13+deb10u1.

We recommend that you upgrade your lilypond packages.

For the detailed security status of lilypond please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/lilypond

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

LinuxSecurity.com Team

Aug 29, 2020 | Critical | Debian