Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Chromedriver Moderate Security Issues Fixed 2026-10958-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed libmozjs Moderate Update CVE-2025-70103

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Perl HTML Parser Moderate CVE-2026-8829 Advisory

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H800
openSUSE

openSUSE Tumbleweed kernel-devel Moderate Security Issue 2026-10954-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Gleam Moderate Threat Fixed 2026-10953-1

Calendar White Jun 08, 2026
moderate
Ubuntu Large Esm H900
Ubuntu

Ubuntu 25.10 Systemd Critical Arbitrary Code Exec DNS Issues USN-8402-1

Calendar White Jun 08, 2026
Critical
Opensuse Large Esm H800
openSUSE

openSUSE Epiphany Important Password Handling Issue CVE-2023-26081

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS 8399-1 Pillow Denial of Service Risk CVE-2026-42308

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS Poppler Critical DoS Code Execution Vuln USN-8400-1

Calendar White Jun 08, 2026
Critical
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraimportant

Fedora 41: log4cxx Important Improper JSON Output Vuln 2025-1b48c1a920

Update to 1.5.0, fix CVE-2025-54813, CVE-2025-22838. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-1b48c1a920 2025-10-12 01:09:51.211551+00:00 -------------------------------------------------------------------------------- Name : log4cxx Product : Fedora 41 Version : 1.5.0 Release : 1.fc41 URL : https://logging.apache.org/log4cxx/1.5.0/index.html Summary : A port to C++ of the Log4j project Description : Log4cxx is a popular logging package written in C++. One of its distinctive features is the notion of inheritance in loggers. Using a logger hierarchy it is possible to control which log statements are output at arbitrary granularity. This helps reduce the volume of logged output and minimize the cost of logging. -------------------------------------------------------------------------------- Update Information: Update to 1.5.0, fix CVE-2025-54813, CVE-2025-22838 -------------------------------------------------------------------------------- ChangeLog: * Fri Oct 3 2025 Till Hofmann - 1.5.0-1 - Update to 1.5.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2393061 - CVE-2025-54812 log4cxx: Log4cxx HTMLLayout XSS Vulnerability [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2393061 [ 2 ] Bug #2393132 - CVE-2025-54813 log4cxx: Log4cxx: Improper JSON Output Neutralization [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2393132 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-1b48c1a920' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keysused by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Fedora 41 update resolves critical log4cxx issues with CVE-2025-54813 and CVE-2025-22838 for enhanced security.. log4cxx update, Fedora 41 security, CVE-2025-54813, CVE-2025-22838. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Oct 12, 2025 Important Fedora
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorycriticaldebian

Debian 11: DLA-4322-1 log4cxx Critical HTML JSON Injection CVE-2025-54812

Multiple vulnerabilities were discovered in log4cxx, a logging library for C++ that is compatible with the JAVA log4j framework. CVE-2025-54812 . ------------------------------------------------------------------------- Debian LTS Advisory DLA-4322-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Lukas Märdian October 05, 2025 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : log4cxx Version : 0.11.0-2+deb11u1 CVE ID : CVE-2025-54812 CVE-2025-54813 Debian Bug : 1111879 1111881 Multiple vulnerabilities were discovered in log4cxx, a logging library for C++ that is compatible with the JAVA log4j framework. CVE-2025-54812 When using HTMLLayout, logger names are not properly escaped when writing out to the HTML file. If untrusted data is used to retrieve the name of a logger, an attacker could theoretically inject HTML or Javascript in order to hide information from logs or steal data from the user. CVE-2025-54813 When using JSONLayout, not all payload bytes are properly escaped. If an attacker-supplied message contains certain non-printable characters, these will be passed along in the message and written out as part of the JSON message. This may prevent applications that consume these logs from correctly interpreting the information within them. For Debian 11 bullseye, these problems have been fixed in version 0.11.0-2+deb11u1. We recommend that you upgrade your log4cxx packages. For the detailed security status of log4cxx please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/log4cxx Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Debian LTS: Critical log4cxx updateaddresses multiple security issues affecting logging functionalities for C++ applications.. Debian LTS, log4cxx, security update, logging library, critical vulnerabilities. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Oct 04, 2025 Critical Debian LTS
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here