Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 2 articles for you...
202
security advisorymoderateconfigurationopenSUSE Leap 15.6 Logback Security Bulletin SUSE-SU-2027-0545-4
An update that solves one vulnerability can now be installed.. # Security update for logback Announcement ID: SUSE-SU-2026:0361-1 Release Date: 2026-02-02T13:20:46Z Rating: moderate References: * bsc#1257094 Cross-References: * CVE-2026-1225 CVSS scores: * CVE-2026-1225 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-1225 ( NVD ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:X/V:X/RE:M/U:Green Affected Products: * openSUSE Leap 15.6 An update that solves one vulnerability can now be installed. ## Description: This update for logback fixes the following issues: * CVE-2026-1225: ACE vulnerability in configuration file (bsc#1257094) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-361=1 ## Package List: * openSUSE Leap 15.6 (noarch) * logback-1.2.13-150200.3.16.1 * logback-access-1.2.13-150200.3.16.1 * logback-javadoc-1.2.13-150200.3.16.1 * logback-examples-1.2.13-150200.3.16.1 ## References: * https://www.suse.com/security/cve/CVE-2026-1225.html * https://bugzilla.suse.com/show_bug.cgi?id=1257094 . An update is available for openSUSE Jump 15.6 addressing a moderate severity ACE configuration issue in logback.. openSUSE logback update moderate ACE security. . LinuxSecurity.com Team
Feb 02, 2026
OpenSUSE
100
security advisorymoderateconfigurationopenSUSE Leap 15.6 logback Moderate ACE Configuration Vulnerability Alert
An update that solves one vulnerability can now be installed.. # Security update for logback Announcement ID: SUSE-SU-2026:0361-1 Release Date: 2026-02-02T13:20:46Z Rating: moderate References: * bsc#1257094 Cross-References: * CVE-2026-1225 CVSS scores: * CVE-2026-1225 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2026-1225 ( NVD ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:X/V:X/RE:M/U:Green Affected Products: * openSUSE Leap 15.6 An update that solves one vulnerability can now be installed. ## Description: This update for logback fixes the following issues: * CVE-2026-1225: ACE vulnerability in configuration file (bsc#1257094) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-361=1 ## Package List: * openSUSE Leap 15.6 (noarch) * logback-1.2.13-150200.3.16.1 * logback-access-1.2.13-150200.3.16.1 * logback-javadoc-1.2.13-150200.3.16.1 * logback-examples-1.2.13-150200.3.16.1 ## References: * https://www.suse.com/security/cve/CVE-2026-1225.html * https://bugzilla.suse.com/show_bug.cgi?id=1257094 . Update for logback fixes ACE vulnerability in openSUSE Leap 15.6. Install immediately to secure your systems.. logback update, openSUSE security, ACE issue, SUSE patch, Linux vulnerabilities. . LinuxSecurity.com Team
Feb 02, 2026
SuSE
202
security advisorymoderatesoftware updateopenSUSE Tumbleweed logback Moderate CVE-2026-1225 Update
An update that solves one vulnerability can now be installed.. # logback-1.2.13-2.1 on GA media Announcement ID: openSUSE-SU-2026:10114-1 Rating: moderate Cross-References: * CVE-2026-1225 CVSS scores: * CVE-2026-1225 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the logback-1.2.13-2.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * logback 1.2.13-2.1 * logback-access 1.2.13-2.1 * logback-examples 1.2.13-2.1 * logback-javadoc 1.2.13-2.1 ## References: * https://www.suse.com/security/cve/CVE-2026-1225.html . Critical update available for logback package in openSUSE Tumbleweed to address a moderate severity issue.. openSUSE logback update CVE-2026-1225 moderate. . LinuxSecurity.com Team
Jan 31, 2026
OpenSUSE
100
security advisorymoderateOpenSUSEopenSUSE: Logback Moderate ACE Configuration Bug 2025:03456-1
* bsc#1250715 Cross-References: * CVE-2025-11226 . # Security update for logback Announcement ID: SUSE-SU-2025:03456-1 Release Date: 2025-10-07T07:08:30Z Rating: moderate References: * bsc#1250715 Cross-References: * CVE-2025-11226 CVSS scores: * CVE-2025-11226 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L * CVE-2025-11226 ( NVD ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:P/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:M/U:Green Affected Products: * openSUSE Leap 15.6 An update that solves one vulnerability can now be installed. ## Description: This update for logback fixes the following issues: * CVE-2025-11226: fixed the ACE vulnerability in conditional configuration file processing (bsc#1250715) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-3456=1 ## Package List: * openSUSE Leap 15.6 (noarch) * logback-1.2.13-150200.3.13.1 * logback-examples-1.2.13-150200.3.13.1 * logback-javadoc-1.2.13-150200.3.13.1 * logback-access-1.2.13-150200.3.13.1 ## References: * https://www.suse.com/security/cve/CVE-2025-11226.html * https://bugzilla.suse.com/show_bug.cgi?id=1250715 . Update for logback addresses ACE vulnerability (CVE-2025-11226). Implement patch for openSUSE Leap 15.6 now.. openSUSE, logback, patch, ACE vulnerability, security advisory. . LinuxSecurity.com Team
Oct 07, 2025
SuSE
172
security advisorydenial of serviceimportantUbuntu 22.04 LTS USN-7616-1 important: logback denial of service
Several security issues were fixed in logback.. ========================================================================== Ubuntu Security Notice USN-7616-1 July 02, 2025 logback vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in logback. Software Description: - logback: A reliable, generic, fast and flexible logging library for Java Details: It was discovered that logback could read malicious configuration files from LDAP servers. An attacker with the required permissions could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-42550) It was discovered that logback contained a serialization vulnerability. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-6378) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS liblogback-java 1:1.2.10-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 20.04 LTS liblogback-java 1:1.2.3-5ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS liblogback-java 1:1.2.3-2ubuntu1~18.04.1+esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS liblogback-java 1:1.1.3-2ubuntu0.1~esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7616-1 CVE-2021-42550, CVE-2023-6378 . Security alert USN-7617-1 outlines resolutions for log4j's severe vulnerabilities affecting multiple Ubuntu releases.. logback vulnerabilities, Ubuntu security, logginglibrary, security notice, denial of service. . Severity: Important. LinuxSecurity.com Team
Jul 03, 2025
•Important
Ubuntu
202
security advisorycode executionimportantopenSUSE Leap 15.6 SUSE-SU-2025:0072-1 important: logback code execution
An update that solves two vulnerabilities can now be installed.. # Security update for logback Announcement ID: SUSE-SU-2025:0072-1 Release Date: 2025-01-10T18:33:38Z Rating: important References: * bsc#1234742 * bsc#1234743 Cross-References: * CVE-2024-12798 * CVE-2024-12801 CVSS scores: * CVE-2024-12798 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-12798 ( NVD ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:L/U:Clear * CVE-2024-12801 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-12801 ( NVD ): 2.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:N/VA:L/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:X/U:Clear Affected Products: * openSUSE Leap 15.6 An update that solves two vulnerabilities can now be installed. ## Description: This update for logback fixes the following issues: * CVE-2024-12798: Fixed arbitrary code execution via JaninoEventEvaluator (bsc#1234742) * CVE-2024-12801: Fixed Server-Side Request Forgery in SaxEventRecorder (bsc#1234743) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-72=1 ## Package List: * openSUSE Leap 15.6 (noarch) * logback-examples-1.2.11-150200.3.10.1 * logback-1.2.11-150200.3.10.1 * logback-javadoc-1.2.11-150200.3.10.1 * logback-access-1.2.11-150200.3.10.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12798.html * https://www.suse.com/security/cve/CVE-2024-12801.html * https://bugzilla.suse.com/show_bug.cgi?id=1234742 * https://bugzilla.suse.com/show_bug.cgi?id=1234743 . Enhancing securitymeasures by addressing significant logback vulnerabilities in openSUSE, tackling potential threats of code execution and request forgery.. openSUSE, logback, security update, patch instructions, code execution. . Severity: Important. LinuxSecurity.com Team
Jan 10, 2025
•Important
OpenSUSE
100
security advisoryarbitrary code executionimportantopenSUSE Leap 15.6: 2025:0072-1 important: logback code execution fix
* bsc#1234742 * bsc#1234743 Cross-References: * CVE-2024-12798 . # Security update for logback Announcement ID: SUSE-SU-2025:0072-1 Release Date: 2025-01-10T18:33:38Z Rating: important References: * bsc#1234742 * bsc#1234743 Cross-References: * CVE-2024-12798 * CVE-2024-12801 CVSS scores: * CVE-2024-12798 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-12798 ( NVD ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:L/U:Clear * CVE-2024-12801 ( SUSE ): 5.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-12801 ( NVD ): 2.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:L/VI:N/VA:L/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:X/U:Clear Affected Products: * openSUSE Leap 15.6 An update that solves two vulnerabilities can now be installed. ## Description: This update for logback fixes the following issues: * CVE-2024-12798: Fixed arbitrary code execution via JaninoEventEvaluator (bsc#1234742) * CVE-2024-12801: Fixed Server-Side Request Forgery in SaxEventRecorder (bsc#1234743) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-72=1 ## Package List: * openSUSE Leap 15.6 (noarch) * logback-examples-1.2.11-150200.3.10.1 * logback-1.2.11-150200.3.10.1 * logback-javadoc-1.2.11-150200.3.10.1 * logback-access-1.2.11-150200.3.10.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12798.html * https://www.suse.com/security/cve/CVE-2024-12801.html * https://bugzilla.suse.com/show_bug.cgi?id=1234742 * https://bugzilla.suse.com/show_bug.cgi?id=1234743 . Security patch forlogback addresses critical vulnerabilities. Installation guidelines available for openSUSE.. logback update, logback security, openSUSE Leap 15.6, security fixes, server-side request forgery. . Severity: Important. LinuxSecurity.com Team
Jan 10, 2025
•Important
SuSE
202
security advisorymoderatesecurity issueopenSUSE Tumbleweed: 2025:14627-1 moderate: logback security issues
An update that solves 2 vulnerabilities can now be installed.. # logback-1.2.11-4.1 on GA media Announcement ID: openSUSE-SU-2025:14627-1 Rating: moderate Cross-References: * CVE-2024-12798 * CVE-2024-12801 CVSS scores: * CVE-2024-12798 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-12801 ( SUSE ): 5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N Affected Products: * openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the logback-1.2.11-4.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * logback 1.2.11-4.1 * logback-access 1.2.11-4.1 * logback-examples 1.2.11-4.1 * logback-javadoc 1.2.11-4.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12798.html * https://www.suse.com/security/cve/CVE-2024-12801.html . OpenSUSE Tumbleweed has released a moderate advisory for a logback update, fixing two critical security vulnerabilities to enhance system security and stability. logback Security Fix, openSUSE Tumbleweed Update, Logback 1.2.11 Patch. . LinuxSecurity.com Team
Jan 10, 2025
OpenSUSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!