Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

We found 11 articles for you...

openSUSE: python-mistralclient Moderate Local File Inclusion CVE-2021-4472

openSUSE Security Update: Security update for python-mistralclient
______________________________________________________________________________

Announcement ID: openSUSE-SU-2025:0460-1
Rating: moderate
References: #1254289
Cross-References: CVE-2021-4472
Affected Products: openSUSE Backports SLE-15-SP7
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for python-mistralclient fixes the following issues:

- CVE-2021-4472: Fixed a local file inclusion which may result in disclosure of arbitrary files content (boo#1254289)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

  zypper in -t patch openSUSE-2025-460=1

Package List:

- openSUSE Backports SLE-15-SP7 (noarch):

  python-mistralclient-doc-4.0.1-bp157.2.3.1
  python3-mistralclient-4.0.1-bp157.2.3.1

References:

https://www.suse.com/security/cve/CVE-2021-4472.html
https://bugzilla.suse.com/1254289

Update for python-mistralclient resolves security risk around local file inclusion in openSUSE Backports.

LinuxSecurity.com Team

Dec 04, 2025 | OpenSUSE

openSUSE: python-mistralclient Moderate Local File Exposure CVE-2021-4472

openSUSE Security Update: Security update for python-mistralclient
______________________________________________________________________________

Announcement ID: openSUSE-SU-2025:0461-1
Rating: moderate
References: #1254289
Cross-References: CVE-2021-4472
Affected Products: openSUSE Backports SLE-15-SP6
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for python-mistralclient fixes the following issues:

- CVE-2021-4472: Fixed a local file inclusion which may result in disclosure of arbitrary files content (boo#1254289)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:

  zypper in -t patch openSUSE-2025-461=1

Package List:

- openSUSE Backports SLE-15-SP6 (noarch):

  python-mistralclient-doc-4.0.1-bp156.4.3.1
  python3-mistralclient-4.0.1-bp156.4.3.1

References:

https://www.suse.com/security/cve/CVE-2021-4472.html
https://bugzilla.suse.com/1254289

Update for python-mistralclient resolves moderate local file inclusion issue from CVE-2021-4472 on openSUSE.

LinuxSecurity.com Team

Dec 04, 2025 | OpenSUSE

Debian 11: Mistral-Dashboard Critical Local File Inclusion DLA-4392-1

-------------------------------------------------------------------------
Debian LTS Advisory DLA-4392-1
https://www.debian.org/lts/security/
Daniel Leidert
December 01, 2025
https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : mistral-dashboard
Version : 11.0.0-2+deb11u1
CVE ID  : CVE-2021-4472

A local file inclusion vulnerability has been discovered in mistral-dashboard, the OpenStack Workflow as a Service dashboard plugin, that may result in disclosure of arbitrary local files content through the 'Create Workbook' feature.

For Debian 11 bullseye, this problem has been fixed in version 11.0.0-2+deb11u1.

We recommend that you upgrade your mistral-dashboard packages.

For the detailed security status of mistral-dashboard please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/mistral-dashboard

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at:
https://wiki.debian.org/LTS

A critical flaw in Mistral-dashboard for Debian allows arbitrary file disclosure. Update recommended for security.

Severity: Critical.

LinuxSecurity.com Team

Dec 01, 2025 | Critical | Debian LTS

Debian 11: python-mistralclient Important Local File Inclusion DLA-4391-1

-------------------------------------------------------------------------
Debian LTS Advisory DLA-4391-1
https://www.debian.org/lts/security/
Daniel Leidert
December 01, 2025
https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : python-mistralclient
Version : 1:4.1.1-2+deb11u1
CVE ID  : CVE-2021-4472

A local file inclusion vulnerability has been discovered in python-mistralclient, the OpenStack Workflow as a Service client, that may result in disclosure of arbitrary local files content through the 'Create Workbook' feature.

For Debian 11 bullseye, this problem has been fixed in version 1:4.1.1-2+deb11u1.

We recommend that you upgrade your python-mistralclient packages.

For the detailed security status of python-mistralclient please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/python-mistralclient

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at:
https://wiki.debian.org/LTS

A local file inclusion issue in python-mistralclient for Debian LTS. Ensure application update to avoid file disclosure risks.

Severity: Important.

LinuxSecurity.com Team

Dec 01, 2025 | Important | Debian LTS

Serious Remote Code Execution Flaws in Ruby Sinatra for Ubuntu 22.04

==========================================================================
Ubuntu Security Notice USN-7664-1
July 22, 2025

ruby-sinatra vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in Sinatra.

Software Description:

- ruby-sinatra: Ruby web-development dressed in a DSL

Details:

It was discovered that Sinatra incorrectly handled serving static files. An attacker could possibly use this issue to perform local file inclusion, obtaining sensitive information. (CVE-2022-29970)

It was discovered that Sinatra incorrectly handled special characters in the Content-Disposition HTTP header. An attacker could possibly use this issue to perform a reflected file download attack, achieving remote code execution. (CVE-2022-45442)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04 LTS
  ruby-sinatra 2.0.8.1-2+deb11u1build0.22.04.1

Ubuntu 20.04 LTS
  ruby-sinatra 2.0.8.1-1ubuntu0.1~esm2
  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  ruby-sinatra 1.4.8-1ubuntu0.1~esm2
  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  ruby-sinatra 1.4.7-3ubuntu0.1~esm2
  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:

https://ubuntu.com/security/notices/USN-7664-1
CVE-2022-29970, CVE-2022-45442

Package Information:

https://launchpad.net/ubuntu/+source/ruby-sinatra/2.0.8.1-2+deb11u1build0.22.04.1

Upgraded Sinatra addresses significant vulnerabilities in Ubuntu impacting several editions; maintain system stability by applying this patch.

Severity: Critical.

LinuxSecurity.com Team

Jul 22, 2025 | Critical | Ubuntu

openSUSE: 2025:0858-1 important: rubygem-rack-1_6 Advisory Security Update

# Security update for rubygem-rack-1_6

Announcement ID: SUSE-SU-2025:0858-1
Release Date: 2025-03-13T17:58:53Z
Rating: important

References:

* bsc#1237141
* bsc#1239298

Cross-References:

* CVE-2025-25184
* CVE-2025-27610

CVSS scores:

* CVE-2025-25184 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-25184 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-25184 ( NVD ): 5.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-27610 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-27610 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2025-27610 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for rubygem-rack-1_6 fixes the following issues:

* CVE-2025-27610: Fixed improper sanitization of user-supplied paths when serving files leading to local file inclusion (bsc#1239298).
* CVE-2025-25184: Fixed Rack::CommonLogger log entry manipulation (bsc#1237141).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2025-858=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * ruby2.5-rubygem-rack-1_6-1.6.8-150000.3.3.1
  * ruby2.5-rubygem-rack-testsuite-1_6-1.6.8-150000.3.3.1
  * ruby2.5-rubygem-rack-doc-1_6-1.6.8-150000.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2025-25184.html
* https://www.suse.com/security/cve/CVE-2025-27610.html
* https://bugzilla.suse.com/show_bug.cgi?id=1237141
* https://bugzilla.suse.com/show_bug.cgi?id=1239298

An important security update for openSUSE fixes two critical issues in rubygem-rack. Stay secure and patch now!

Severity: Important.

LinuxSecurity.com Team

Mar 13, 2025 | Important | OpenSUSE

SUSE: 2025:0858-1 important: rubygem-rack-1_6 Security Advisory Updates

# Security update for rubygem-rack-1_6

Announcement ID: SUSE-SU-2025:0858-1
Release Date: 2025-03-13T17:58:53Z
Rating: important

References:

* bsc#1237141
* bsc#1239298

Cross-References:

* CVE-2025-25184
* CVE-2025-27610

CVSS scores:

* CVE-2025-25184 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-25184 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2025-25184 ( NVD ): 5.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-27610 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-27610 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2025-27610 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for rubygem-rack-1_6 fixes the following issues:

* CVE-2025-27610: Fixed improper sanitization of user-supplied paths when serving files leading to local file inclusion (bsc#1239298).
* CVE-2025-25184: Fixed Rack::CommonLogger log entry manipulation (bsc#1237141).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2025-858=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * ruby2.5-rubygem-rack-1_6-1.6.8-150000.3.3.1
  * ruby2.5-rubygem-rack-testsuite-1_6-1.6.8-150000.3.3.1
  * ruby2.5-rubygem-rack-doc-1_6-1.6.8-150000.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2025-25184.html
* https://www.suse.com/security/cve/CVE-2025-27610.html
* https://bugzilla.suse.com/show_bug.cgi?id=1237141
* https://bugzilla.suse.com/show_bug.cgi?id=1239298

Important SUSE maintenance updates address two vulnerabilities in rubygem-rack-1_6 affecting openSUSE Leap 15.6.

Severity: Important.

LinuxSecurity.com Team

Mar 13, 2025 | Important | SuSE

Debian: DLA-3589-1 Critical: Python-Git Local File Inclusion Threat

-------------------------------------------------------------------------
Debian LTS Advisory DLA-3589-1
https://www.debian.org/lts/security/
Guilhem Moulin
September 29, 2023
https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : python-git
Version : 2.1.11-1+deb10u2
CVE ID  : CVE-2023-41040

Santos Gallegos discovered a blind local file inclusion in python-git, a Python library to interact with Git repositories, which could lead to denial of service or potentially information disclosure.

In order to resolve some git references, python-git reads files from the ".git" directory but, due to improper location check, an attacker can pass a file located outside this directory thereby making python-git read arbitrary file on the system. It remains unclear whether the attacker can gain access to actual file content, but denial of service can be achieved by passing a large or infinite file such as /dev/random.

For Debian 10 buster, this problem has been fixed in version 2.1.11-1+deb10u2.

We recommend that you upgrade your python-git packages.

For the detailed security status of python-git please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/python-git

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at:
https://wiki.debian.org/LTS

Security vulnerability announced in Debian LTS Advisory DLA-3590-2 concerning Python-git. Essential updates released for safeguarding systems.

Severity: Critical.

LinuxSecurity.com Team

Sep 29, 2023 | Critical | Debian LTS