Alerts This Week
Warning Icon 1 537
Alerts This Week
Warning Icon 1 537

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -5 articles for you...
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisorycriticallocal file

Mageia 8: MGASA-2023-0180 Critical: Dmidecode Local File Overwrite

Dmidecode allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. (CVE-2023-30630) References: . MGASA-2023-0180 - Updated dmidecode packages fix security vulnerability Publication date: 21 May 2023 URL: https://advisories.mageia.org/MGASA-2023-0180.html Type: security Affected Mageia releases: 8 CVE: CVE-2023-30630 Dmidecode allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. (CVE-2023-30630) References: - https://bugs.mageia.org/show_bug.cgi?id=31883 - https://lists.suse.com/pipermail/sle-security-updates/2023-April/014548.html - - https://www.cve.org/CVERecord?id=CVE-2023-30630 SRPMS: - 8/core/dmidecode-3.5-1.mga8 . DMGASA-2023-0192 enhances netstat to address a severe vulnerabilities linked to unauthorized access. Discover further details.. dmidecode update, mageia security, local file execution, overwrite vulnerability. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 May 21, 2023 Critical Mageia
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorypatchimportant

SUSE: 2022:4349-1 Important: Buildah Patch Critical Issues

An update that fixes two vulnerabilities is now available. . SUSE Security Update: Security update for buildah ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:4349-1 Rating: important References: #1167864 #1202812 Cross-References: CVE-2020-10696 CVE-2022-2990 CVSS scores: CVE-2020-10696 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2020-10696 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-2990 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N CVE-2022-2990 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N Affected Products: SUSE Linux Enterprise High Performance Computing 15-SP4 SUSE Linux Enterprise Module for Containers 15-SP4 SUSE Linux Enterprise Server 15-SP4 SUSE Linux Enterprise Server for SAP Applications 15-SP4 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for buildah fixes the following issues: Version update to 1.28.2. - CVE-2022-2990: Fixed a possible information disclosure and modification vulnerability (bsc#1202812). - CVE-2020-10696: Fixed an issue with a crafted input tar file that may lead to a local file overwriting during image build process (bsc#1167864). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-4349=1 - SUSELinux Enterprise Module for Containers 15-SP4: zypper in -t patch SUSE-SLE-Module-Containers-15-SP4-2022-4349=1 Package List: - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): buildah-1.28.2-150400.3.11.1 - SUSE Linux Enterprise Module for Containers 15-SP4 (aarch64 ppc64le s390x x86_64): buildah-1.28.2-150400.3.11.1 References: https://www.suse.com/security/cve/CVE-2020-10696.html https://www.suse.com/security/cve/CVE-2022-2990.html https://bugzilla.suse.com/1167864 https://bugzilla.suse.com/1202812 . SUSE Security Patch for podman addresses severe weaknesses including potential data leaks and unauthorized file modifications.. SUSE Linux, Buildah Update, Vulnerability Fix, Package Patch, Security Update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Dec 07, 2022 Important SuSE
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraupdate

Fedora 24: 2017-c3dc97e1e1 Critical Risk: PHP-PHPMailer Local File Exposure

**Version 5.2.22** (January 5th 2017) * **SECURITY** Fix [CVE-2017-5223](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5223), local file disclosure vulnerability if content passed to `msgHTML()` is sourced from unfiltered user input. Reported by Yongxiang Li of Asiasecurity. The fix for this means that calls to `msgHTML()` without a `$basedir` will not import. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2017-c3dc97e1e1 2017-01-17 15:59:22.499081 -------------------------------------------------------------------------------- Name : php-PHPMailer Product : Fedora 24 Version : 5.2.22 Release : 1.fc24 URL : https://github.com/PHPMailer/PHPMailer Summary : PHP email transport class with a lot of features Description : Full Featured Email Transfer Class for PHP. PHPMailer features: * Supports emails digitally signed with S/MIME encryption! * Supports emails with multiple TOs, CCs, BCCs and REPLY-TOs * Works on any platform. * Supports Text & HTML emails. * Embedded image support. * Multipart/alternative emails for mail clients that do not read HTML email. * Flexible debugging. * Custom mail headers. * Redundant SMTP servers. * Support for 8bit, base64, binary, and quoted-printable encoding. * Word wrap. * Multiple fs, string, and binary attachments (those from database, string, etc). * SMTP authentication. * Tested on multiple SMTP servers: Sendmail, qmail, Postfix, Gmail, Imail, Exchange, etc. * Good documentation, many examples included in download. * It's swift, small, and simple. -------------------------------------------------------------------------------- Update Information: **Version 5.2.22** (January 5th 2017) * **SECURITY** Fix [CVE-2017-5223](https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5223), local file disclosure vulnerability if content passed to `msgHTML()` is sourced from unfiltered userinput. Reported by Yongxiang Li of Asiasecurity. The fix for this means that calls to `msgHTML()` without a `$basedir` will not import images with relative URLs, and relative URLs containing `..` will be ignored. * Add simple contact form example * Emoji in test content ---- **Version 5.2.21** (December 28th 2016) * Fix missed number update in version file - no functional changes ---- **Version 5.2.20** (December 28th 2016) * **SECURITY** Critical security update for CVE-2016-10045 please update now! Thanks to [Dawid Golunski]() and Paul Buonopane (Zenexer). ---- ** Version 5.2.19** (December 26th 2016) * Minor cleanup ** Version 5.2.18** (December 24th 2016) * **SECURITY** Critical security update for CVE-2016-10033 please update now! Thanks to [Dawid Golunski](). * Add ability to extract the SMTP transaction ID from some common SMTP success messages * Minor documentation tweaks ** Version 5.2.17** (December 9th 2016) * This is officially the last feature release of 5.2. Security fixes only from now on; use PHPMailer 6.0! * Allow DKIM private key to be provided as a string * Provide mechanism to allow overriding of boundary and message ID creation * Improve Brazilian Portuguese, Spanish, Swedish, Romanian, and German translations * PHP 7.1 support for Travis-CI * Fix some language codes * Add security notices * Improve DKIM compatibility in older PHP versions * Improve trapping and capture of SMTP connection errors * Improve passthrough of error levels for debug output * PHPDoc cleanup -------------------------------------------------------------------------------- References: [ 1 ] Bug #1409489 - CVE-2016-10033 phpmailer: Parameter injection via mail() function https://bugzilla.redhat.com/show_bug.cgi?id=1409489 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade php-PHPMailer' at the command line. For more information, refer to the dnf documentation availableat https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . Urgent security patch for php-PHPMailer mitigates potential local file exposure due to unsanitized input. Apply update immediately!. Fedora PHP PHPMailer Security. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jan 17, 2017 Critical Fedora
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorymoderateupdate

Debian: DSA-023-1 Moderate: inn2 Local Temp File Threats

Multiple local temp file vulnerabilities exist with previous versions of inn2.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------------- Debian Security Advisory DSA-023-1 This email address is being protected from spambots. You need JavaScript enabled to view it. Debian -- Security Information Martin Schulze January 26, 2001 - ---------------------------------------------------------------------------- Package : inn2 Vulnerability : local tempfile vulnerabilities Debian-specific: no 1. People at WireX have found several potential insecure uses of temporary files in programs provided by INN2. Some of them only lead to a vulnerability to symlink attacks if the temporary directory was set to /tmp or /var/tmp, which is the case in many installations, at least in Debian packages. An attacker could overwrite any file owned by the news system administrator, i.e. owned by news.news. 2. Michal Zalewski found an exploitable buffer overflow with regard to cancel messages and their verification. This bug did only show up if "verifycancels" was enabled in inn.conf which is not the default and has been disrecommended by upstream. 3. Andi Kleen found a bug in INN2 that makes innd crash for two byte headers. There is a chance this can only be exploited with uucp. We recommend you upgrade your inn2 packages immediately. wget url will fetch the file for you dpkg -i file.deb will install the referenced file. You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 2.2 alias potato - ------------------------------------ Potato was released for the alpha, arm, i386, m68k, powerpc and sparc architectures. Source archives: MD5 checksum: b028c55deedf4ec35351103cac48bd85 MD5 checksum: d9621c875f3e5c01d6c26ce3f0c522cb MD5 checksum: fa9ad31115a966b4d81085051801e765 Intel ia32architecture: MD5 checksum: 2977d6653f42533938225aa1575aaafa MD5 checksum: 99c00bc514f528db19eefbbd1a1d31fe MD5 checksum: b46e664217c6c53172cb8bc35c372a5a Motorola 680x0 architecture: MD5 checksum: 1f987988e44bef82fe1f802c0be5ba02 MD5 checksum: be82f2e97709643c1cb2b385a63c51a9 MD5 checksum: 36078955097ec9d490de07e9e1e24c2b Sun Sparc architecture: MD5 checksum: 7511a8d1698ac3e5bee17777326b35b2 MD5 checksum: c77d55903592e81968140e079f1c6f77 MD5 checksum: 1f41b1ec85198d719fe9c28e98ec8734 Alpha architecture: MD5 checksum: 60272664fc901e1208a08f27cd782ade MD5 checksum: 45387036b992ae2a89e8867bce6936ad MD5 checksum: 74b59a4d505ea437e2acd2787ba46e06 PowerPC architecture: MD5 checksum: fe2831aba8e48fd40ed949ad4d43af69 MD5 checksum: 6ff36ece5e2e34fa263c29b3c182b3fb MD5 checksum: c834bf13621cd56a9bdecc9fd557944d ARM architecture: MD5 checksum: 3e545ec01f4f868a89d43e0192e13397 MD5 checksum: 668c9bdf6d048dbe3d7f79020f7d0b66 MD5 checksum: 4ab8315ae897a034707932778dce944f Architecture independent: MD5 checksum: 2ebe291616ea17f9cabcae1644d7a5e5 These files will be moved into soon. For not yet released architectures please refer to the appropriate directory . - ---------------------------------------------------------------------------- For apt-get: deb Debian -- Security Information stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. Package info: `apt-cache show ' and https://www.debian.org/distrib/packages -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see The GNU Privacy Guard iD8DBQE6cqvoW5ql+IAeqTIRAqiQAJ0a+qTDporsPammp7j8KdsxiwADWACfazkx TjEiA9hyYe9bj/GdXEktsUY=oIPr -----END PGP SIGNATURE----- . Severe security gapsuncovered in inn2 impacting Debian users, linked to improper handling of local temporary files and possible buffer overflow threats. Immediate updates recommended.. inn2 vulnerabilities, Debian update, local temp issue, buffer overflow. . LinuxSecurity.com Team

Calendar 2 Jan 27, 2001 Debian
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here