
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Ubuntu 7461-1 Critical: Security Vulnerabilities in Linux Kernel Revealed

Several security issues were fixed in the Linux kernel.

==========================================================================
Ubuntu Security Notice USN-7461-1
April 24, 2025

linux, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-hwe-5.4, linux-ibm, linux-kvm, linux-oracle, linux-oracle-5.4 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:

- linux: Linux kernel
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-bluefield: Linux kernel for NVIDIA BlueField platforms
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-ibm: Linux kernel for IBM cloud systems
- linux-kvm: Linux kernel for cloud environments
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-azure-5.4: Linux kernel for Microsoft Azure cloud systems
- linux-hwe-5.4: Linux hardware enablement (HWE) kernel
- linux-oracle-5.4: Linux kernel for Oracle Cloud systems

Details:

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:

- GPU drivers;
- Network drivers;
- File systems infrastructure;
- Ext4 file system;
- Network file system (NFS) server daemon;
- Bluetooth subsystem;
- IPv6 networking;
- Network traffic control;

(CVE-2024-53237, CVE-2024-50256, CVE-2021-47119, CVE-2024-35958, CVE-2025-21700, CVE-2025-21703, CVE-2024-56651, CVE-2024-49974, CVE-2025-21702, CVE-2024-26915, CVE-2024-46826)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS

  linux-image-5.4.0-1090-ibm 5.4.0-1090.95
  linux-image-5.4.0-1103-bluefield 5.4.0-1103.110
  linux-image-5.4.0-1131-kvm 5.4.0-1131.140
  linux-image-5.4.0-1142-oracle 5.4.0-1142.152
  linux-image-5.4.0-1147-gcp 5.4.0-1147.156
  linux-image-5.4.0-1149-azure 5.4.0-1149.156
  linux-image-5.4.0-214-generic 5.4.0-214.234
  linux-image-5.4.0-214-generic-lpae 5.4.0-214.234
  linux-image-5.4.0-214-lowlatency 5.4.0-214.234
  linux-image-azure-lts-20.04 5.4.0.1149.143
  linux-image-bluefield 5.4.0.1103.99
  linux-image-gcp-lts-20.04 5.4.0.1147.149
  linux-image-generic 5.4.0.214.207
  linux-image-generic-lpae 5.4.0.214.207
  linux-image-ibm-lts-20.04 5.4.0.1090.119
  linux-image-kvm 5.4.0.1131.127
  linux-image-lowlatency 5.4.0.214.207
  linux-image-oem 5.4.0.214.207
  linux-image-oem-osp1 5.4.0.214.207
  linux-image-oracle-lts-20.04 5.4.0.1142.136
  linux-image-virtual 5.4.0.214.207

Ubuntu 18.04 LTS

  linux-image-5.4.0-1142-oracle 5.4.0-1142.152~18.04.1 (Available with Ubuntu Pro)
  linux-image-5.4.0-1149-azure 5.4.0-1149.156~18.04.1 (Available with Ubuntu Pro)
  linux-image-5.4.0-214-generic 5.4.0-214.234~18.04.1 (Available with Ubuntu Pro)
  linux-image-5.4.0-214-lowlatency 5.4.0-214.234~18.04.1 (Available with Ubuntu Pro)
  linux-image-azure 5.4.0.1149.156~18.04.1 (Available with Ubuntu Pro)
  linux-image-generic-hwe-18.04 5.4.0.214.234~18.04.1 (Available with Ubuntu Pro)
  linux-image-lowlatency-hwe-18.04 5.4.0.214.234~18.04.1 (Available with Ubuntu Pro)
  linux-image-oem 5.4.0.214.234~18.04.1 (Available with Ubuntu Pro)
  linux-image-oem-osp1 5.4.0.214.234~18.04.1 (Available with Ubuntu Pro)
  linux-image-oracle 5.4.0.1142.152~18.04.1 (Available with Ubuntu Pro)
  linux-image-snapdragon-hwe-18.04 5.4.0.214.234~18.04.1 (Available with Ubuntu Pro)
  linux-image-virtual-hwe-18.04 5.4.0.214.234~18.04.1 (Available with Ubuntu Pro)

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References:

  https://ubuntu.com/security/notices/USN-7461-1
  CVE-2021-47119, CVE-2024-26915, CVE-2024-35958, CVE-2024-46826, CVE-2024-49974, CVE-2024-50256, CVE-2024-53237, CVE-2024-56651, CVE-2025-21700, CVE-2025-21702, CVE-2025-21703

Package Information:

  https://launchpad.net/ubuntu/+source/linux/5.4.0-214.234
  https://launchpad.net/ubuntu/+source/linux-azure/5.4.0-1149.156
  https://launchpad.net/ubuntu/+source/linux-bluefield/5.4.0-1103.110
  https://launchpad.net/ubuntu/+source/linux-gcp/5.4.0-1147.156
  https://launchpad.net/ubuntu/+source/linux-ibm/5.4.0-1090.95
  https://launchpad.net/ubuntu/+source/linux-kvm/5.4.0-1131.140
  https://launchpad.net/ubuntu/+source/linux-oracle/5.4.0-1142.152

Numerous vulnerabilities in the Linux kernel have been resolved for Ubuntu. It's vital to perform updates to ensure system security.

Linux Kernel Updates, Ubuntu Security Notices, Kernel System Patch, Linux Security Management.

Severity: Critical.

LinuxSecurity.com Team

Apr 24, 2025 Critical Ubuntu

Debian LTS: DLA-2843-1 Moderate: Multiple Kernel Issues Security Fix

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leaks.

-------------------------------------------------------------------------
Debian LTS Advisory DLA-2843-1
https://www.debian.org/lts/security/
Ben Hutchings
December 16, 2021
https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : linux
Version : 4.9.290-1
CVE ID  : CVE-2020-3702 CVE-2020-16119 CVE-2021-0920 CVE-2021-3612 CVE-2021-3653 CVE-2021-3655 CVE-2021-3679 CVE-2021-3732 CVE-2021-3753 CVE-2021-3760 CVE-2021-20317 CVE-2021-20321 CVE-2021-20322 CVE-2021-22543 CVE-2021-37159 CVE-2021-38160 CVE-2021-38198 CVE-2021-38199 CVE-2021-38204 CVE-2021-38205 CVE-2021-40490 CVE-2021-41864 CVE-2021-42008 CVE-2021-42739 CVE-2021-43389

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leaks.

CVE-2020-3702

    A flaw was found in the driver for Atheros IEEE 802.11n family of chipsets (ath9k) allowing information disclosure.

CVE-2020-16119

    Hadar Manor reported a use-after-free in the DCCP protocol implementation in the Linux kernel. A local attacker can take advantage of this flaw to cause a denial of service or potentially to execute arbitrary code.

CVE-2021-0920

    A race condition was discovered in the local sockets (AF_UNIX) subsystem, which could lead to a use-after-free. A local user could exploit this for denial of service (memory corruption or crash), or possibly for privilege escalation.

CVE-2021-3612

    Murray McAllister reported a flaw in the joystick input subsystem. A local user permitted to access a joystick device could exploit this to read and write out-of-bounds in the kernel, which could be used for privilege escalation.

CVE-2021-3653

    Maxim Levitsky discovered a vulnerability in the KVM hypervisor implementation for AMD processors in the Linux kernel: Missing validation of the `int_ctl` VMCB field could allow a malicious L1 guest to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. The L2 guest can take advantage of this flaw to write to a limited but still relatively large subset of the host physical memory.

CVE-2021-3655

    Ilja Van Sprundel and Marcelo Ricardo Leitner found multiple flaws in the SCTP implementation, where missing validation could lead to an out-of-bounds read. On a system using SCTP, a networked attacker could exploit these to cause a denial of service (crash).

CVE-2021-3679

    A flaw in the Linux kernel tracing module functionality could allow a privileged local user (with CAP_SYS_ADMIN capability) to cause a denial of service (resource starvation).

CVE-2021-3732

    Alois Wohlschlager reported a flaw in the implementation of the overlayfs subsystem, allowing a local attacker with privileges to mount a filesystem to reveal files hidden in the original mount.

CVE-2021-3753

    Minh Yuan reported a race condition in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c, which may cause an out of bounds read in vt.

CVE-2021-3760

    Lin Horse reported a flaw in the NCI (NFC Controller Interface) driver, which could lead to a use-after-free. However, this driver is not included in the binary packages provided by Debian.

CVE-2021-20317

    It was discovered that the timer queue structure could become corrupt, leading to waiting tasks never being woken up. A local user with certain privileges could exploit this to cause a denial of service (system hang).

CVE-2021-20321

    A race condition was discovered in the overlayfs filesystem driver. A local user with access to an overlayfs mount and to its underlying upper directory could exploit this for privilege escalation.

CVE-2021-20322

    An information leak was discovered in the IPv4 implementation. A remote attacker could exploit this to quickly discover which UDP ports a system is using, making it easier for them to carry out a DNS poisoning attack against that system.

CVE-2021-22543

    David Stevens discovered a flaw in how the KVM hypervisor maps host memory into a guest. A local user permitted to access /dev/kvm could use this to cause certain pages to be freed when they should not, leading to a use-after-free. This could be used to cause a denial of service (crash or memory corruption) or possibly for privilege escalation.

CVE-2021-37159

    A flaw was discovered in the hso driver for Option mobile broadband modems. An error during initialisation could lead to a double-free or use-after-free. An attacker able to plug in USB devices could use this to cause a denial of service (crash or memory corruption) or possibly to run arbitrary code.

CVE-2021-38160

    A flaw in the virtio_console was discovered allowing data corruption or data loss by an untrusted device.

CVE-2021-38198

    A flaw was discovered in the KVM implementation for x86 processors, that could result in virtual memory protection within a guest not being applied correctly. When shadow page tables are used - i.e. for nested virtualisation, or on CPUs lacking the EPT or NPT feature - a user of the guest OS might be able to exploit this for denial of service or privilege escalation within the guest.

CVE-2021-38199

    Michael Wakabayashi reported a flaw in the NFSv4 client implementation, where incorrect connection setup ordering allows operations of a remote NFSv4 server to cause a denial of service.

CVE-2021-38204

    A flaw was discovered in the max4321-hcd USB host controller driver, which could lead to a use-after-free. However, this driver is not included in the binary packages provided by Debian.

CVE-2021-38205

    An information leak was discovered in the xilinx_emaclite network driver. On a custom kernel where this driver is enabled and used, this might make it easier to exploit other kernel bugs.

CVE-2021-40490

    A race condition was discovered in the ext4 subsystem when writing to an inline_data file while its xattrs are changing. This could result in denial of service.

CVE-2021-41864

    An integer overflow was discovered in the Extended BPF (eBPF) subsystem. A local user could exploit this for denial of service (memory corruption or crash), or possibly for privilege escalation. This can be mitigated by setting sysctl kernel.unprivileged_bpf_disabled=1, which disables eBPF use by unprivileged users.

CVE-2021-42008

    A heap buffer overflow was discovered in the 6pack serial port network driver. A local user with CAP_NET_ADMIN capability could exploit this for denial of service (memory corruption or crash), or possibly for privilege escalation.

CVE-2021-42739

    A heap buffer overflow was discovered in the firedtv driver for FireWire-connected DVB receivers. A local user with access to a firedtv device could exploit this for denial of service (memory corruption or crash), or possibly for privilege escalation.

CVE-2021-43389

    The Active Defense Lab of Venustech discovered a flaw in the CMTP subsystem as used by Bluetooth, which could lead to an out-of-bounds read and object type confusion. A local user with CAP_NET_ADMIN capability in the initial user namespace could exploit this for denial of service (memory corruption or crash), or possibly for privilege escalation.

For Debian 9 stretch, these problems have been fixed in version 4.9.290-1.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/linux

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at:
https://wiki.debian.org/LTS

--
Ben Hutchings
Humans are not rational beings; they are rationalising beings.

Follow these steps to fix Debian LTS kernel vulnerabilities: update system, check/install updates, reboot, verify version, and review security alerts.

Debian Security Update, Linux Kernel Fixes, Privilege Escalation, Denial of Service.

LinuxSecurity.com Team

Dec 16, 2021 Debian LTS

Red Hat 6.4/6.5 RHSA-2015:0255-01 Critical: Samba4 Remote Code Execution

Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6.4 and 6.5 Extended Update Support. Red Hat Product Security has rated this update as having Critical security impact.

====================================================================
Red Hat Security Advisory

Synopsis:     Critical: samba4 security update
Advisory ID:  RHSA-2015:0255-01
Product:      Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2015:0255.html
Issue date:   2015-02-23
CVE Names:    CVE-2015-0240
====================================================================

1. Summary:

Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6.4 and 6.5 Extended Update Support.

Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux HPC Node EUS (v. 6.4) - x86_64
Red Hat Enterprise Linux HPC Node EUS (v. 6.5) - x86_64
Red Hat Enterprise Linux Server EUS (v. 6.4) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server EUS (v. 6.5) - i386, ppc64, s390x, x86_64

3. Description:

Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information.

An uninitialized pointer use flaw was found in the Samba daemon (smbd). A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd (by default, the root user). (CVE-2015-0240)

For additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1346913

Red Hat would like to thank the Samba project for reporting this issue. Upstream acknowledges Richard van Eeden of Microsoft Vulnerability Research as the original reporter of this issue.

All Samba users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, the smb service will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1191325 - CVE-2015-0240 samba: talloc free on uninitialized stack pointer in netlogon server could lead to remote-code execution

6. Package List:

Red Hat Enterprise Linux HPC Node EUS (v. 6.4):

Source:
samba4-4.0.0-57.el6_4.rc4.src.rpm

x86_64:
samba4-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-client-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-common-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-dc-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-dc-libs-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-debuginfo-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-devel-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-libs-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-pidl-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-python-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-swat-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-test-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-winbind-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-winbind-clients-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-winbind-krb5-locator-4.0.0-57.el6_4.rc4.x86_64.rpm

Red Hat Enterprise Linux HPC Node EUS (v. 6.5):

Source:
samba4-4.0.0-65.el6_5.rc4.src.rpm

x86_64:
samba4-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-client-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-common-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-dc-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-dc-libs-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-debuginfo-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-devel-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-libs-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-pidl-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-python-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-swat-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-test-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-winbind-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-winbind-clients-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-winbind-krb5-locator-4.0.0-65.el6_5.rc4.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 6.4):

Source:
samba4-4.0.0-57.el6_4.rc4.src.rpm

i386:
samba4-4.0.0-57.el6_4.rc4.i686.rpm
samba4-client-4.0.0-57.el6_4.rc4.i686.rpm
samba4-common-4.0.0-57.el6_4.rc4.i686.rpm
samba4-dc-4.0.0-57.el6_4.rc4.i686.rpm
samba4-dc-libs-4.0.0-57.el6_4.rc4.i686.rpm
samba4-debuginfo-4.0.0-57.el6_4.rc4.i686.rpm
samba4-devel-4.0.0-57.el6_4.rc4.i686.rpm
samba4-libs-4.0.0-57.el6_4.rc4.i686.rpm
samba4-pidl-4.0.0-57.el6_4.rc4.i686.rpm
samba4-python-4.0.0-57.el6_4.rc4.i686.rpm
samba4-swat-4.0.0-57.el6_4.rc4.i686.rpm
samba4-test-4.0.0-57.el6_4.rc4.i686.rpm
samba4-winbind-4.0.0-57.el6_4.rc4.i686.rpm
samba4-winbind-clients-4.0.0-57.el6_4.rc4.i686.rpm
samba4-winbind-krb5-locator-4.0.0-57.el6_4.rc4.i686.rpm

ppc64:
samba4-4.0.0-57.el6_4.rc4.ppc64.rpm
samba4-client-4.0.0-57.el6_4.rc4.ppc64.rpm
samba4-common-4.0.0-57.el6_4.rc4.ppc64.rpm
samba4-dc-4.0.0-57.el6_4.rc4.ppc64.rpm
samba4-dc-libs-4.0.0-57.el6_4.rc4.ppc64.rpm
samba4-debuginfo-4.0.0-57.el6_4.rc4.ppc64.rpm
samba4-devel-4.0.0-57.el6_4.rc4.ppc64.rpm
samba4-libs-4.0.0-57.el6_4.rc4.ppc64.rpm
samba4-pidl-4.0.0-57.el6_4.rc4.ppc64.rpm
samba4-python-4.0.0-57.el6_4.rc4.ppc64.rpm
samba4-swat-4.0.0-57.el6_4.rc4.ppc64.rpm
samba4-test-4.0.0-57.el6_4.rc4.ppc64.rpm
samba4-winbind-4.0.0-57.el6_4.rc4.ppc64.rpm
samba4-winbind-clients-4.0.0-57.el6_4.rc4.ppc64.rpm
samba4-winbind-krb5-locator-4.0.0-57.el6_4.rc4.ppc64.rpm

s390x:
samba4-4.0.0-57.el6_4.rc4.s390x.rpm
samba4-client-4.0.0-57.el6_4.rc4.s390x.rpm
samba4-common-4.0.0-57.el6_4.rc4.s390x.rpm
samba4-dc-4.0.0-57.el6_4.rc4.s390x.rpm
samba4-dc-libs-4.0.0-57.el6_4.rc4.s390x.rpm
samba4-debuginfo-4.0.0-57.el6_4.rc4.s390x.rpm
samba4-devel-4.0.0-57.el6_4.rc4.s390x.rpm
samba4-libs-4.0.0-57.el6_4.rc4.s390x.rpm
samba4-pidl-4.0.0-57.el6_4.rc4.s390x.rpm
samba4-python-4.0.0-57.el6_4.rc4.s390x.rpm
samba4-swat-4.0.0-57.el6_4.rc4.s390x.rpm
samba4-test-4.0.0-57.el6_4.rc4.s390x.rpm
samba4-winbind-4.0.0-57.el6_4.rc4.s390x.rpm
samba4-winbind-clients-4.0.0-57.el6_4.rc4.s390x.rpm
samba4-winbind-krb5-locator-4.0.0-57.el6_4.rc4.s390x.rpm

x86_64:
samba4-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-client-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-common-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-dc-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-dc-libs-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-debuginfo-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-devel-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-libs-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-pidl-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-python-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-swat-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-test-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-winbind-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-winbind-clients-4.0.0-57.el6_4.rc4.x86_64.rpm
samba4-winbind-krb5-locator-4.0.0-57.el6_4.rc4.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 6.5):

Source:
samba4-4.0.0-65.el6_5.rc4.src.rpm

i386:
samba4-4.0.0-65.el6_5.rc4.i686.rpm
samba4-client-4.0.0-65.el6_5.rc4.i686.rpm
samba4-common-4.0.0-65.el6_5.rc4.i686.rpm
samba4-dc-4.0.0-65.el6_5.rc4.i686.rpm
samba4-dc-libs-4.0.0-65.el6_5.rc4.i686.rpm
samba4-debuginfo-4.0.0-65.el6_5.rc4.i686.rpm
samba4-devel-4.0.0-65.el6_5.rc4.i686.rpm
samba4-libs-4.0.0-65.el6_5.rc4.i686.rpm
samba4-pidl-4.0.0-65.el6_5.rc4.i686.rpm
samba4-python-4.0.0-65.el6_5.rc4.i686.rpm
samba4-swat-4.0.0-65.el6_5.rc4.i686.rpm
samba4-test-4.0.0-65.el6_5.rc4.i686.rpm
samba4-winbind-4.0.0-65.el6_5.rc4.i686.rpm
samba4-winbind-clients-4.0.0-65.el6_5.rc4.i686.rpm
samba4-winbind-krb5-locator-4.0.0-65.el6_5.rc4.i686.rpm

ppc64:
samba4-4.0.0-65.el6_5.rc4.ppc64.rpm
samba4-client-4.0.0-65.el6_5.rc4.ppc64.rpm
samba4-common-4.0.0-65.el6_5.rc4.ppc64.rpm
samba4-dc-4.0.0-65.el6_5.rc4.ppc64.rpm
samba4-dc-libs-4.0.0-65.el6_5.rc4.ppc64.rpm
samba4-debuginfo-4.0.0-65.el6_5.rc4.ppc64.rpm
samba4-devel-4.0.0-65.el6_5.rc4.ppc64.rpm
samba4-libs-4.0.0-65.el6_5.rc4.ppc64.rpm
samba4-pidl-4.0.0-65.el6_5.rc4.ppc64.rpm
samba4-python-4.0.0-65.el6_5.rc4.ppc64.rpm
samba4-swat-4.0.0-65.el6_5.rc4.ppc64.rpm
samba4-test-4.0.0-65.el6_5.rc4.ppc64.rpm
samba4-winbind-4.0.0-65.el6_5.rc4.ppc64.rpm
samba4-winbind-clients-4.0.0-65.el6_5.rc4.ppc64.rpm
samba4-winbind-krb5-locator-4.0.0-65.el6_5.rc4.ppc64.rpm

s390x:
samba4-4.0.0-65.el6_5.rc4.s390x.rpm
samba4-client-4.0.0-65.el6_5.rc4.s390x.rpm
samba4-common-4.0.0-65.el6_5.rc4.s390x.rpm
samba4-dc-4.0.0-65.el6_5.rc4.s390x.rpm
samba4-dc-libs-4.0.0-65.el6_5.rc4.s390x.rpm
samba4-debuginfo-4.0.0-65.el6_5.rc4.s390x.rpm
samba4-devel-4.0.0-65.el6_5.rc4.s390x.rpm
samba4-libs-4.0.0-65.el6_5.rc4.s390x.rpm
samba4-pidl-4.0.0-65.el6_5.rc4.s390x.rpm
samba4-python-4.0.0-65.el6_5.rc4.s390x.rpm
samba4-swat-4.0.0-65.el6_5.rc4.s390x.rpm
samba4-test-4.0.0-65.el6_5.rc4.s390x.rpm
samba4-winbind-4.0.0-65.el6_5.rc4.s390x.rpm
samba4-winbind-clients-4.0.0-65.el6_5.rc4.s390x.rpm
samba4-winbind-krb5-locator-4.0.0-65.el6_5.rc4.s390x.rpm

x86_64:
samba4-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-client-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-common-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-dc-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-dc-libs-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-debuginfo-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-devel-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-libs-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-pidl-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-python-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-swat-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-test-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-winbind-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-winbind-clients-4.0.0-65.el6_5.rc4.x86_64.rpm
samba4-winbind-krb5-locator-4.0.0-65.el6_5.rc4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2015-0240
https://access.redhat.com/security/updates/classification#critical
https://access.redhat.com/articles/1346913

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2015 Red Hat, Inc.

Urgent samba4 patch released for Red Hat Enterprise Linux versions 6.4 and 6.5 addressing a severe remote execution vulnerability.

Remote Code Execution, Samba Security Patch, Red Hat 6.4 Update.

Severity: Critical.

LinuxSecurity.com Team

Feb 23, 2015 Critical Red Hat

Red Hat Enterprise Linux: RHSA-2013:0827-01 Important Buffer Overflow Fix

Updated openswan packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact.

====================================================================
Red Hat Security Advisory

Synopsis:     Important: openswan security update
Advisory ID:  RHSA-2013:0827-01
Product:      Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2013:0827.html
Issue date:   2013-05-15
CVE Names:    CVE-2013-2053
====================================================================

1. Summary:

Updated openswan packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

Openswan is a free implementation of Internet Protocol Security (IPsec) and Internet Key Exchange (IKE). IPsec uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. When using Opportunistic Encryption, Openswan's pluto IKE daemon requests DNS TXT records to obtain public RSA keys of itself and its peers.

A buffer overflow flaw was found in Openswan. If Opportunistic Encryption were enabled ("oe=yes" in "/etc/ipsec.conf") and an RSA key configured, an attacker able to cause a system to perform a DNS lookup for an attacker-controlled domain containing malicious records (such as by sending an email that triggers a DKIM or SPF DNS record lookup) could cause Openswan's pluto IKE daemon to crash or, potentially, execute arbitrary code with root privileges. With "oe=yes" but no RSA key configured, the issue can only be triggered by attackers on the local network who can control the reverse DNS entry of the target system. Opportunistic Encryption is disabled by default. (CVE-2013-2053)

This issue was discovered by Florian Weimer of the Red Hat Product Security Team.

All users of openswan are advised to upgrade to these updated packages, which contain backported patches to correct this issue. After installing this update, the ipsec service will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258

5. Bugs fixed (http://bugzilla.redhat.com/):

960229 - CVE-2013-2053 Openswan: remote buffer overflow in atodn()

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:

i386:
openswan-2.6.32-5.el5_9.i386.rpm
openswan-debuginfo-2.6.32-5.el5_9.i386.rpm
openswan-doc-2.6.32-5.el5_9.i386.rpm

x86_64:
openswan-2.6.32-5.el5_9.x86_64.rpm
openswan-debuginfo-2.6.32-5.el5_9.x86_64.rpm
openswan-doc-2.6.32-5.el5_9.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:

i386:
openswan-2.6.32-5.el5_9.i386.rpm
openswan-debuginfo-2.6.32-5.el5_9.i386.rpm
openswan-doc-2.6.32-5.el5_9.i386.rpm

ia64:
openswan-2.6.32-5.el5_9.ia64.rpm
openswan-debuginfo-2.6.32-5.el5_9.ia64.rpm
openswan-doc-2.6.32-5.el5_9.ia64.rpm

ppc:
openswan-2.6.32-5.el5_9.ppc.rpm
openswan-debuginfo-2.6.32-5.el5_9.ppc.rpm
openswan-doc-2.6.32-5.el5_9.ppc.rpm

s390x:
openswan-2.6.32-5.el5_9.s390x.rpm
openswan-debuginfo-2.6.32-5.el5_9.s390x.rpm
openswan-doc-2.6.32-5.el5_9.s390x.rpm

x86_64:
openswan-2.6.32-5.el5_9.x86_64.rpm
openswan-debuginfo-2.6.32-5.el5_9.x86_64.rpm
openswan-doc-2.6.32-5.el5_9.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 6):

Source:

i386:
openswan-2.6.32-20.el6_4.i686.rpm
openswan-debuginfo-2.6.32-20.el6_4.i686.rpm

x86_64:
openswan-2.6.32-20.el6_4.x86_64.rpm
openswan-debuginfo-2.6.32-20.el6_4.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:

i386:
openswan-debuginfo-2.6.32-20.el6_4.i686.rpm
openswan-doc-2.6.32-20.el6_4.i686.rpm

x86_64:
openswan-debuginfo-2.6.32-20.el6_4.x86_64.rpm
openswan-doc-2.6.32-20.el6_4.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:

i386:
openswan-2.6.32-20.el6_4.i686.rpm
openswan-debuginfo-2.6.32-20.el6_4.i686.rpm

ppc64:
openswan-2.6.32-20.el6_4.ppc64.rpm
openswan-debuginfo-2.6.32-20.el6_4.ppc64.rpm

s390x:
openswan-2.6.32-20.el6_4.s390x.rpm
openswan-debuginfo-2.6.32-20.el6_4.s390x.rpm

x86_64:
openswan-2.6.32-20.el6_4.x86_64.rpm
openswan-debuginfo-2.6.32-20.el6_4.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 6):

Source:

i386:
openswan-debuginfo-2.6.32-20.el6_4.i686.rpm
openswan-doc-2.6.32-20.el6_4.i686.rpm

ppc64:
openswan-debuginfo-2.6.32-20.el6_4.ppc64.rpm
openswan-doc-2.6.32-20.el6_4.ppc64.rpm

s390x:
openswan-debuginfo-2.6.32-20.el6_4.s390x.rpm
openswan-doc-2.6.32-20.el6_4.s390x.rpm

x86_64:
openswan-debuginfo-2.6.32-20.el6_4.x86_64.rpm
openswan-doc-2.6.32-20.el6_4.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:

i386:
openswan-2.6.32-20.el6_4.i686.rpm
openswan-debuginfo-2.6.32-20.el6_4.i686.rpm

x86_64:
openswan-2.6.32-20.el6_4.x86_64.rpm
openswan-debuginfo-2.6.32-20.el6_4.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 6):

Source:

i386:
openswan-debuginfo-2.6.32-20.el6_4.i686.rpm
openswan-doc-2.6.32-20.el6_4.i686.rpm

x86_64:
openswan-debuginfo-2.6.32-20.el6_4.x86_64.rpm
openswan-doc-2.6.32-20.el6_4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

7. References:

https://access.redhat.com/security/cve/CVE-2013-2053
https://access.redhat.com/security/updates/classification#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2013 Red Hat, Inc.

CentOS announces critical OpenVPN patch resolving a stack overflow vulnerability impacting businesses on CentOS Stream.

Red Hat Security, Openswan Update, Linux Buffer Overflow, Enterprise Security.

Severity: Important.

LinuxSecurity.com Team

May 15, 2013 Important Red Hat

Red Hat Enterprise Linux RHSA-2012:1245-01 Critical: Java Update

====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: java-1.5.0-ibm security update
Advisory ID:       RHSA-2012:1245-01
Product:           Red Hat Enterprise Linux Extras
Advisory URL:      https://access.redhat.com/errata/RHSA-2012:1245.html
Issue date:        2012-09-07
CVE Names:         CVE-2012-1713 CVE-2012-1716 CVE-2012-1717 CVE-2012-1718 CVE-2012-1719 CVE-2012-1725
====================================================================

1. Summary:

Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary.

The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64
Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64
Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

3. Description:

IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.

This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1718, CVE-2012-1719, CVE-2012-1725)

All users of java-1.5.0-ibm are advised to upgrade to these updated packages, containing the IBM J2SE 5.0 SR14 release. All running instances of IBM Java must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258

5. Bugs fixed (http://bugzilla.redhat.com/):

829358 - CVE-2012-1717 OpenJDK: insecure temporary file permissions (JRE, 7143606)
829360 - CVE-2012-1716 OpenJDK: SynthLookAndFeel application context bypass (Swing, 7143614)
829361 - CVE-2012-1713 OpenJDK: fontmanager layout lookup code memory corruption (2D, 7143617)
829371 - CVE-2012-1719 OpenJDK: mutable repository identifiers in generated stub code (CORBA, 7143851)
829372 - CVE-2012-1718 OpenJDK: CRL and certificate extensions handling improvements (Security, 7143872)
829376 - CVE-2012-1725 OpenJDK: insufficient invokespecial verification (HotSpot, 7160757)

6. Package List:

Red Hat Enterprise Linux Desktop Supplementary (v. 5):

i386:
java-1.5.0-ibm-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-accessibility-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-demo-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-javacomm-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-jdbc-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-plugin-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-src-1.5.0.14.0-1jpp.1.el5_8.i386.rpm

x86_64:
java-1.5.0-ibm-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-1.5.0.14.0-1jpp.1.el5_8.x86_64.rpm
java-1.5.0-ibm-accessibility-1.5.0.14.0-1jpp.1.el5_8.x86_64.rpm
java-1.5.0-ibm-demo-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-demo-1.5.0.14.0-1jpp.1.el5_8.x86_64.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el5_8.x86_64.rpm
java-1.5.0-ibm-javacomm-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-javacomm-1.5.0.14.0-1jpp.1.el5_8.x86_64.rpm
java-1.5.0-ibm-jdbc-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-plugin-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-src-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-src-1.5.0.14.0-1jpp.1.el5_8.x86_64.rpm

Red Hat Enterprise Linux Server Supplementary (v. 5):

i386:
java-1.5.0-ibm-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-accessibility-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-demo-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-javacomm-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-jdbc-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-plugin-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-src-1.5.0.14.0-1jpp.1.el5_8.i386.rpm

ppc:
java-1.5.0-ibm-1.5.0.14.0-1jpp.1.el5_8.ppc.rpm
java-1.5.0-ibm-1.5.0.14.0-1jpp.1.el5_8.ppc64.rpm
java-1.5.0-ibm-accessibility-1.5.0.14.0-1jpp.1.el5_8.ppc.rpm
java-1.5.0-ibm-demo-1.5.0.14.0-1jpp.1.el5_8.ppc.rpm
java-1.5.0-ibm-demo-1.5.0.14.0-1jpp.1.el5_8.ppc64.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el5_8.ppc.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el5_8.ppc64.rpm
java-1.5.0-ibm-javacomm-1.5.0.14.0-1jpp.1.el5_8.ppc.rpm
java-1.5.0-ibm-javacomm-1.5.0.14.0-1jpp.1.el5_8.ppc64.rpm
java-1.5.0-ibm-jdbc-1.5.0.14.0-1jpp.1.el5_8.ppc.rpm
java-1.5.0-ibm-plugin-1.5.0.14.0-1jpp.1.el5_8.ppc.rpm
java-1.5.0-ibm-src-1.5.0.14.0-1jpp.1.el5_8.ppc.rpm
java-1.5.0-ibm-src-1.5.0.14.0-1jpp.1.el5_8.ppc64.rpm

s390x:
java-1.5.0-ibm-1.5.0.14.0-1jpp.1.el5_8.s390.rpm
java-1.5.0-ibm-1.5.0.14.0-1jpp.1.el5_8.s390x.rpm
java-1.5.0-ibm-accessibility-1.5.0.14.0-1jpp.1.el5_8.s390x.rpm
java-1.5.0-ibm-demo-1.5.0.14.0-1jpp.1.el5_8.s390.rpm
java-1.5.0-ibm-demo-1.5.0.14.0-1jpp.1.el5_8.s390x.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el5_8.s390.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el5_8.s390x.rpm
java-1.5.0-ibm-jdbc-1.5.0.14.0-1jpp.1.el5_8.s390.rpm
java-1.5.0-ibm-src-1.5.0.14.0-1jpp.1.el5_8.s390.rpm
java-1.5.0-ibm-src-1.5.0.14.0-1jpp.1.el5_8.s390x.rpm

x86_64:
java-1.5.0-ibm-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-1.5.0.14.0-1jpp.1.el5_8.x86_64.rpm
java-1.5.0-ibm-accessibility-1.5.0.14.0-1jpp.1.el5_8.x86_64.rpm
java-1.5.0-ibm-demo-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-demo-1.5.0.14.0-1jpp.1.el5_8.x86_64.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el5_8.x86_64.rpm
java-1.5.0-ibm-javacomm-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-javacomm-1.5.0.14.0-1jpp.1.el5_8.x86_64.rpm
java-1.5.0-ibm-jdbc-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-plugin-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-src-1.5.0.14.0-1jpp.1.el5_8.i386.rpm
java-1.5.0-ibm-src-1.5.0.14.0-1jpp.1.el5_8.x86_64.rpm

Red Hat Enterprise Linux Desktop Supplementary (v. 6):

i386:
java-1.5.0-ibm-1.5.0.14.0-1jpp.1.el6_3.i686.rpm
java-1.5.0-ibm-demo-1.5.0.14.0-1jpp.1.el6_3.i686.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el6_3.i686.rpm
java-1.5.0-ibm-javacomm-1.5.0.14.0-1jpp.1.el6_3.i686.rpm
java-1.5.0-ibm-jdbc-1.5.0.14.0-1jpp.1.el6_3.i686.rpm
java-1.5.0-ibm-plugin-1.5.0.14.0-1jpp.1.el6_3.i686.rpm
java-1.5.0-ibm-src-1.5.0.14.0-1jpp.1.el6_3.i686.rpm

x86_64:
java-1.5.0-ibm-1.5.0.14.0-1jpp.1.el6_3.x86_64.rpm
java-1.5.0-ibm-demo-1.5.0.14.0-1jpp.1.el6_3.x86_64.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el6_3.i686.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el6_3.x86_64.rpm
java-1.5.0-ibm-javacomm-1.5.0.14.0-1jpp.1.el6_3.x86_64.rpm
java-1.5.0-ibm-src-1.5.0.14.0-1jpp.1.el6_3.x86_64.rpm

Red Hat Enterprise Linux HPC Node Supplementary (v. 6):

x86_64:
java-1.5.0-ibm-1.5.0.14.0-1jpp.1.el6_3.x86_64.rpm
java-1.5.0-ibm-demo-1.5.0.14.0-1jpp.1.el6_3.x86_64.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el6_3.i686.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el6_3.x86_64.rpm
java-1.5.0-ibm-javacomm-1.5.0.14.0-1jpp.1.el6_3.x86_64.rpm
java-1.5.0-ibm-src-1.5.0.14.0-1jpp.1.el6_3.x86_64.rpm

Red Hat Enterprise Linux Server Supplementary (v. 6):

i386:
java-1.5.0-ibm-1.5.0.14.0-1jpp.1.el6_3.i686.rpm
java-1.5.0-ibm-demo-1.5.0.14.0-1jpp.1.el6_3.i686.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el6_3.i686.rpm
java-1.5.0-ibm-javacomm-1.5.0.14.0-1jpp.1.el6_3.i686.rpm
java-1.5.0-ibm-jdbc-1.5.0.14.0-1jpp.1.el6_3.i686.rpm
java-1.5.0-ibm-plugin-1.5.0.14.0-1jpp.1.el6_3.i686.rpm
java-1.5.0-ibm-src-1.5.0.14.0-1jpp.1.el6_3.i686.rpm

ppc64:
java-1.5.0-ibm-1.5.0.14.0-1jpp.1.el6_3.ppc64.rpm
java-1.5.0-ibm-demo-1.5.0.14.0-1jpp.1.el6_3.ppc64.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el6_3.ppc.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el6_3.ppc64.rpm
java-1.5.0-ibm-javacomm-1.5.0.14.0-1jpp.1.el6_3.ppc64.rpm
java-1.5.0-ibm-jdbc-1.5.0.14.0-1jpp.1.el6_3.ppc.rpm
java-1.5.0-ibm-plugin-1.5.0.14.0-1jpp.1.el6_3.ppc.rpm
java-1.5.0-ibm-src-1.5.0.14.0-1jpp.1.el6_3.ppc64.rpm

s390x:
java-1.5.0-ibm-1.5.0.14.0-1jpp.1.el6_3.s390x.rpm
java-1.5.0-ibm-demo-1.5.0.14.0-1jpp.1.el6_3.s390x.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el6_3.s390.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el6_3.s390x.rpm
java-1.5.0-ibm-jdbc-1.5.0.14.0-1jpp.1.el6_3.s390.rpm
java-1.5.0-ibm-src-1.5.0.14.0-1jpp.1.el6_3.s390x.rpm

x86_64:
java-1.5.0-ibm-1.5.0.14.0-1jpp.1.el6_3.x86_64.rpm
java-1.5.0-ibm-demo-1.5.0.14.0-1jpp.1.el6_3.x86_64.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el6_3.i686.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el6_3.x86_64.rpm
java-1.5.0-ibm-javacomm-1.5.0.14.0-1jpp.1.el6_3.x86_64.rpm
java-1.5.0-ibm-src-1.5.0.14.0-1jpp.1.el6_3.x86_64.rpm

Red Hat Enterprise Linux Workstation Supplementary (v. 6):

i386:
java-1.5.0-ibm-1.5.0.14.0-1jpp.1.el6_3.i686.rpm
java-1.5.0-ibm-demo-1.5.0.14.0-1jpp.1.el6_3.i686.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el6_3.i686.rpm
java-1.5.0-ibm-javacomm-1.5.0.14.0-1jpp.1.el6_3.i686.rpm
java-1.5.0-ibm-jdbc-1.5.0.14.0-1jpp.1.el6_3.i686.rpm
java-1.5.0-ibm-plugin-1.5.0.14.0-1jpp.1.el6_3.i686.rpm
java-1.5.0-ibm-src-1.5.0.14.0-1jpp.1.el6_3.i686.rpm

x86_64:
java-1.5.0-ibm-1.5.0.14.0-1jpp.1.el6_3.x86_64.rpm
java-1.5.0-ibm-demo-1.5.0.14.0-1jpp.1.el6_3.x86_64.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el6_3.i686.rpm
java-1.5.0-ibm-devel-1.5.0.14.0-1jpp.1.el6_3.x86_64.rpm
java-1.5.0-ibm-javacomm-1.5.0.14.0-1jpp.1.el6_3.x86_64.rpm
java-1.5.0-ibm-src-1.5.0.14.0-1jpp.1.el6_3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

7. References:

https://access.redhat.com/security/cve/CVE-2012-1713
https://access.redhat.com/security/cve/CVE-2012-1716
https://access.redhat.com/security/cve/CVE-2012-1717
https://access.redhat.com/security/cve/CVE-2012-1718
https://access.redhat.com/security/cve/CVE-2012-1719
https://access.redhat.com/security/cve/CVE-2012-1725
https://access.redhat.com/security/updates/classification/#critical
https://www.ibm.com/support/pages/java-sdk/

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2012 Red Hat, Inc.

Urgent Red Hat guidance announces updates to java-1.5.0-ibm addressing vital security vulnerabilities across various platforms.

Red Hat Security, IBM Java Updates, Software Maintenance, Package Security.

Severity: Critical.

LinuxSecurity.com Team

Sep 07, 2012 Critical Red Hat

Slackware 8.1-11.0 Moderate: Apache 1.3.41 Security Fix Available

[slackware-security] apache (SSA:2008-045-02)

New apache 1.3.41 packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix security issues. A new matching mod_ssl package is also provided.

More details about the issues may be found in the Common Vulnerabilities and Exposures (CVE) database:

https://www.cve.org/CVERecord?id=CVE-2007-6388
https://www.cve.org/CVERecord?id=CVE-2007-5000
https://www.cve.org/CVERecord?id=CVE-2007-3847

Here are the details from the Slackware 11.0 ChangeLog:
+--------------------------+
patches/packages/apache-1.3.41-i486-1_slack11.0.tgz:
  Upgraded to apache-1.3.41, the last regular release of the Apache 1.3.x series, and a security bugfix-only release.
  For more information about the security issues fixed, see:
    https://www.cve.org/CVERecord?id=CVE-2007-6388
    https://www.cve.org/CVERecord?id=CVE-2007-5000
    https://www.cve.org/CVERecord?id=CVE-2007-3847
  (* Security fix *)
patches/packages/mod_ssl-2.8.31_1.3.41-i486-1_slack11.0.tgz:
  Upgraded to mod_ssl-2.8.31-1.3.41 to work with apache_1.3.41.
+--------------------------+

Where to find the new packages:
+-----------------------------+

HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-)

Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.

Updated packages for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/apache-1.3.41-i386-1_slack8.1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/mod_ssl-2.8.31_1.3.41-i386-1_slack8.1.tgz

Updated packages for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/apache-1.3.41-i386-1_slack9.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/mod_ssl-2.8.31_1.3.41-i386-1_slack9.0.tgz

Updated packages for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/apache-1.3.41-i486-1_slack9.1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/mod_ssl-2.8.31_1.3.41-i486-1_slack9.1.tgz

Updated packages for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/apache-1.3.41-i486-1_slack10.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/mod_ssl-2.8.31_1.3.41-i486-1_slack10.0.tgz

Updated packages for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/apache-1.3.41-i486-1_slack10.1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/mod_ssl-2.8.31_1.3.41-i486-1_slack10.1.tgz

Updated packages for Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/apache-1.3.41-i486-1_slack10.2.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/mod_ssl-2.8.31_1.3.41-i486-1_slack10.2.tgz

Updated packages for Slackware 11.0:
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/apache-1.3.41-i486-1_slack11.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/mod_ssl-2.8.31_1.3.41-i486-1_slack11.0.tgz

Installation instructions:
+------------------------+

First, stop apache:

# apachectl stop

Then, upgrade the packages:

# upgradepkg apache-1.3.41-i486-1_slack11.0.tgz mod_ssl-2.8.31_1.3.41-i486-1_slack11.0.tgz

Finally, restart apache:

# apachectl start

Or, if you use mod_ssl:

# apachectl startssl

+-----+

The release of Apache 1.3.41 packages mitigates critical security flaws impacting various iterations of Slackware.

Apache Fix, Slackware Update, Mod_Ssl Security.

Severity: Important.

LinuxSecurity.com Team

Feb 15, 2008 Important Slackware