Alerts This Week
Warning Icon 1 469
Alerts This Week
Warning Icon 1 469

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Calendar White Jun 02, 2026
Important
Oracle Large Esm H800
Oracle

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Calendar White Jun 02, 2026
moderate
Oracle Large Esm H900
Oracle

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Calendar White Jun 03, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Calendar White Jun 03, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 32 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorySuSEimportant

SUSE Linux Enterprise 15 SP6 Important Kernel Fix CVE-2026-23268

An update that solves one vulnerability can now be installed.. # Security update for the Linux Kernel (Live Patch 19 for SUSE Linux Enterprise 15 SP6) Announcement ID: SUSE-SU-2026:1527-1 Release Date: 2026-04-21T10:34:38Z Rating: important References: * bsc#1259859 Cross-References: * CVE-2026-23268 CVSS scores: * CVE-2026-23268 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.84 fixes one security issue The following security issue was fixed: * CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management (bsc#1259859). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-1527=1 SUSE-2026-1528=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-1527=1 SUSE-SLE- Module-Live-Patching-15-SP6-2026-1528=1 ## Package List: * openSUSE Leap 15.6 (x86_64) * kernel-livepatch-SLE15-SP6_Update_18-debugsource-4-150600.2.1 * kernel-livepatch-6_4_0-150600_23_81-default-debuginfo-4-150600.2.1 * kernel-livepatch-6_4_0-150600_23_81-default-4-150600.2.1 * kernel-livepatch-6_4_0-150600_23_84-default-4-150600.2.1 * kernel-livepatch-6_4_0-150600_23_84-default-debuginfo-4-150600.2.1 *kernel-livepatch-SLE15-SP6_Update_19-debugsource-4-150600.2.1 * openSUSE Leap 15.6 (ppc64le s390x) * kernel-livepatch-SLE15-SP6_Update_19-debugsource-4-150600.2.2 * kernel-livepatch-6_4_0-150600_23_81-default-debuginfo-4-150600.2.2 * kernel-livepatch-6_4_0-150600_23_84-default-debuginfo-4-150600.2.2 * kernel-livepatch-SLE15-SP6_Update_18-debugsource-4-150600.2.2 * kernel-livepatch-6_4_0-150600_23_84-default-4-150600.2.2 * kernel-livepatch-6_4_0-150600_23_81-default-4-150600.2.2 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x) * kernel-livepatch-SLE15-SP6_Update_19-debugsource-4-150600.2.2 * kernel-livepatch-6_4_0-150600_23_81-default-debuginfo-4-150600.2.2 * kernel-livepatch-6_4_0-150600_23_84-default-debuginfo-4-150600.2.2 * kernel-livepatch-SLE15-SP6_Update_18-debugsource-4-150600.2.2 * kernel-livepatch-6_4_0-150600_23_84-default-4-150600.2.2 * kernel-livepatch-6_4_0-150600_23_81-default-4-150600.2.2 * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-SLE15-SP6_Update_18-debugsource-4-150600.2.1 * kernel-livepatch-6_4_0-150600_23_81-default-debuginfo-4-150600.2.1 * kernel-livepatch-6_4_0-150600_23_81-default-4-150600.2.1 * kernel-livepatch-6_4_0-150600_23_84-default-4-150600.2.1 * kernel-livepatch-6_4_0-150600_23_84-default-debuginfo-4-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_19-debugsource-4-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-23268.html * https://bugzilla.suse.com/show_bug.cgi?id=1259859 . Update resolves critical kernel issue, enhance your SUSE Linux performance with important updates for security.. SUSE Kernel Patch, Linux Security Update, Live Patch Instructions. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 21, 2026 Important SuSE
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorySuSEimportant

SUSE Linux Enterprise 15 SP6 Kernel Important Advisory 2026-1463-1

An update that solves two vulnerabilities can now be installed.. # Security update for the Linux Kernel (Live Patch 12 for SUSE Linux Enterprise 15 SP6) Announcement ID: SUSE-SU-2026:1463-1 Release Date: 2026-04-20T06:34:20Z Rating: important References: * bsc#1255066 * bsc#1259859 Cross-References: * CVE-2025-40309 * CVE-2026-23268 CVSS scores: * CVE-2025-40309 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-40309 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-23268 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-23268 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.53 fixes various security issues The following security issues were fixed: * CVE-2025-40309: Bluetooth: SCO: Fix UAF on sco_conn_free (bsc#1255066). * CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy management (bsc#1259859). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-1463=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-1463=1 ## Package List: * openSUSE Leap 15.6 (x86_64) * kernel-livepatch-6_4_0-150600_23_53-default-debuginfo-15-150600.2.1 *kernel-livepatch-SLE15-SP6_Update_12-debugsource-15-150600.2.1 * kernel-livepatch-6_4_0-150600_23_53-default-15-150600.2.1 * openSUSE Leap 15.6 (ppc64le s390x) * kernel-livepatch-6_4_0-150600_23_53-default-debuginfo-15-150600.2.2 * kernel-livepatch-6_4_0-150600_23_53-default-15-150600.2.2 * kernel-livepatch-SLE15-SP6_Update_12-debugsource-15-150600.2.2 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x) * kernel-livepatch-6_4_0-150600_23_53-default-debuginfo-15-150600.2.2 * kernel-livepatch-6_4_0-150600_23_53-default-15-150600.2.2 * kernel-livepatch-SLE15-SP6_Update_12-debugsource-15-150600.2.2 * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_23_53-default-debuginfo-15-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_12-debugsource-15-150600.2.1 * kernel-livepatch-6_4_0-150600_23_53-default-15-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-40309.html * https://www.suse.com/security/cve/CVE-2026-23268.html * https://bugzilla.suse.com/show_bug.cgi?id=1255066 * https://bugzilla.suse.com/show_bug.cgi?id=1259859 . Update for SUSE Linux Enterprise Kernel addresses critical security issues and recommends swift patching for vulnerabilities.. SUSE Linux, Kernel Update, Security Issues, Live Patching, Important Update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 20, 2026 Important SuSE
Banner 4 1028x280 1708121825 1771600306
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorymoderatedenial of service

SUSE: cups Moderate Local DoS CVE-2025-61915 Advisory 2025:4289-1

* bsc#1253783 Cross-References: * CVE-2025-61915 . # Security update for cups Announcement ID: SUSE-SU-2025:4289-1 Release Date: 2025-11-28T08:50:37Z Rating: moderate References: * bsc#1253783 Cross-References: * CVE-2025-61915 CVSS scores: * CVE-2025-61915 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-61915 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for cups fixes the following issues: * CVE-2025-61915: Fixed local denial-of-service via cupsd.conf update (bsc#1253783) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-4289=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * cups-client-debuginfo-1.7.5-20.57.1 * cups-1.7.5-20.57.1 * cups-libs-1.7.5-20.57.1 * cups-libs-debuginfo-32bit-1.7.5-20.57.1 * cups-debuginfo-1.7.5-20.57.1 * cups-libs-32bit-1.7.5-20.57.1 * cups-libs-debuginfo-1.7.5-20.57.1 * cups-devel-1.7.5-20.57.1 * cups-client-1.7.5-20.57.1 * cups-debugsource-1.7.5-20.57.1 ## References: * https://www.suse.com/security/cve/CVE-2025-61915.html * https://bugzilla.suse.com/show_bug.cgi?id=1253783 . Important SUSE security update for cups addressing local denial-of-service from CVE-2025-61915. Install recommended patch.. SUSE cups update security moderate CVE-2025-61915. . LinuxSecurity.com Team

Calendar 2 Nov 28, 2025 SuSE
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisorydenial of servicegentoo

Gentoo: GLSA-202007-46 Normal: D-Bus Denial of Service Risk

A local Denial of Service vulnerability was discovered in D-Bus.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202007-46 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: D-Bus: Denial of service Date: July 27, 2020 Bugs: #727104 ID: 202007-46 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= A local Denial of Service vulnerability was discovered in D-Bus. Background ========= D-Bus is a message bus system which processes can use to talk to each other. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 sys-apps/dbus < 1.12.18 > = 1.12.18 Description ========== D-Bus does not correctly dispose of old connections meaning that it is possible for D-Bus to hit a connection limit. Impact ===== An attacker could cause a possible Denial of Service condition. Workaround ========= There is no known workaround at this time. Resolution ========= All D-Bus users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =sys-apps/dbus-1.12.18" References ========= [ 1 ] CVE-2020-12049 https://nvd.nist.gov/vuln/detail/CVE-2020-12049 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202007-46 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressedto This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2020 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . A significant Denial of Service flaw in D-Bus has been discovered on Gentoo platforms. Promptly update to maintain system integrity.. Denial of Service, Gentoo, D-Bus, Security Advisory, Upgrade. . LinuxSecurity.com Team

Calendar 2 Jul 26, 2020 Gentoo
Banner 4 1028x280 1708121825 1771600306
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorypatchimportant

SUSE: 2020:1790-1 Important: Local Root Exploit Fix for Tomcat

An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for tomcat ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:1790-1 Rating: important References: #1172405 Cross-References: CVE-2020-8022 Affected Products: SUSE Linux Enterprise Module for Web Scripting 15-SP1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for tomcat fixes the following issues: - CVE-2020-8022: Fixed a local root exploit due to improper permissions (bsc#1172405) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Web Scripting 15-SP1: zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP1-2020-1790=1 Package List: - SUSE Linux Enterprise Module for Web Scripting 15-SP1 (noarch): tomcat-9.0.35-4.35.1 tomcat-admin-webapps-9.0.35-4.35.1 tomcat-el-3_0-api-9.0.35-4.35.1 tomcat-jsp-2_3-api-9.0.35-4.35.1 tomcat-lib-9.0.35-4.35.1 tomcat-servlet-4_0-api-9.0.35-4.35.1 tomcat-webapps-9.0.35-4.35.1 References: https://www.suse.com/security/cve/CVE-2020-8022.html https://bugzilla.suse.com/1172405 _______________________________________________ sle-security-updates mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. http://lists.suse.com/mailman/listinfo/sle-security-updates . SUSE Security Patch for Tomcat mitigates a potential local privilege escalation issue, reinforcing system security and stability.. SUSE Security Update, Tomcat Patch, Local Root Exploit, Important Update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jun 26, 2020 Important SuSE
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorymoderatesecurity issue

Debian: 3142-2 Moderate: Ansible Security Vulnerabilities Resolution Notice

Several vulnerabilities were discovered in puppet, a centralized configuration management system. The Common Vulnerabilities and Exposures project identifies the following problems: . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2761-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Raphael Geissert September 19, 2013 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : puppet Vulnerability : several Problem type : local Debian-specific: no CVE ID : CVE-2013-4761 CVE-2013-4956 Several vulnerabilities were discovered in puppet, a centralized configuration management system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-4761 The 'resource_type' service (disabled by default) could be used to make puppet load arbitrary Ruby code from puppet master's file system. CVE-2013-4956 Modules installed with the Puppet Module Tool might be installed with weak permissions, possibly allowing local users to read or modify them. The stable distribution (wheezy) has been updated to version 2.7.33 of puppet. This version includes the patches for all the previous DSAs related to puppet in wheezy. In this version, the puppet report format is now correctly reported as version 3. It is to be expected that future DSAs for puppet update to a newer, bug fix-only, release of the 2.7 branch. The oldstable distribution (squeeze) has not been updated for this advisory: as of this time there is no fix for CVE-2013-4761 and the package is not affected by CVE-2013-4956. For the stable distribution (wheezy), these problems have been fixed in version 2.7.23-1~deb7u1. For the testing distribution (jessie) and the unstable distribution (sid), these problems have been fixed in version 3.2.4-1. We recommend thatyou upgrade your puppet packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian has released an update for Puppet that resolves several security issues. To maintain the integrity of your system, make sure to install the latest updates promptly.. Puppet Security Advisory, Debian Update, Local Exploits, Configuration Issues. . LinuxSecurity.com Team

Calendar 2 Sep 19, 2013 Debian
Banner 4 1028x280 1708121825 1771600306
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorycriticaldebian

Debian 4:0.5.9-1 Critical: Ffmpeg Codec Security Problems

It was discovered that ffmpeg, Debian's version of the libav media codec suite, contains vulnerabilities in the DPCM codecs (CVE-2011-3951), H.264 (CVE-2012-0851), ADPCM (CVE-2012-0852), and the KMVC decoder (CVE-2011-3952). . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2494-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Florian Weimer June 14, 2012 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ffmpeg Vulnerability : several Problem type : local (remote) Debian-specific: no CVE ID : CVE-2011-3951 CVE-2011-3952 CVE-2012-0851 CVE-2012-0852 It was discovered that ffmpeg, Debian's version of the libav media codec suite, contains vulnerabilities in the DPCM codecs (CVE-2011-3951), H.264 (CVE-2012-0851), ADPCM (CVE-2012-0852), and the KMVC decoder (CVE-2011-3952). In addition, this update contains bug fixes from the libav 0.5.9 upstream release. For the stable distribution (squeeze), these problems have been fixed in version 4:0.5.9-1. For the unstable distribution (sid), these problems have been fixed in version 6:0.8.3-1. We recommend that you upgrade your ffmpeg packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . An update has been rolled out for Debian's ffmpeg that tackles several codec security flaws along with enhancements for overall performance.. Debian Security, Ffmpeg Update, Codec Issues, Media Codec Suite, Bug Fixes. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jun 14, 2012 Critical Debian
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorycriticaldebian

Debian: DSA-2470-1 Critical Security Vulnerability in libxml2

It was discovered that Apache POI, a Java implementation of the Microsoft Office file formats, would allocate arbitrary amounts of memory when processing crafted documents. This could impact the stability of the Java virtual machine. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2468-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Florian Weimer May 09, 2012 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libjakarta-poi-java Vulnerability : unbounded memory allocation Problem type : local Debian-specific: no CVE ID : CVE-2012-0213 It was discovered that Apache POI, a Java implementation of the Microsoft Office file formats, would allocate arbitrary amounts of memory when processing crafted documents. This could impact the stability of the Java virtual machine. For the stable distribution (squeeze), this problem has been fixed in version 3.6+dfsg-1+squeeze1. We recommend that you upgrade your libjakarta-poi-java packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . The Ubuntu Security Notice USN-4483-1 concerning libxml2 highlights critical buffer overflow vulnerabilities posing risks to system integrity.. Apache POI, Java Security, Memory Allocation, Debian Updates. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 May 09, 2012 Critical Debian
Banner 4 1028x280 1708121825 1771600306
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here