
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Debian 11 lrzip Important Use After Free Fix DLA-4567-1 CVE-2025-15570

Debian LTS Advisory DLA-4567-1
https://www.debian.org/lts/security/ Chris Lamb
May 06, 2026 https://wiki.debian.org/LTS

Package : lrzip
Version : 0.641-1+deb11u2
CVE ID : CVE-2025-15570
Debian Bug : 1128069

It was discovered that there was a potential use-after-free issue in the lrzip compression/decompression program.

For Debian 11 bullseye, this problem has been fixed in version 0.641-1+deb11u2.

We recommend that you upgrade your lrzip packages.

For the detailed security status of lrzip please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/lrzip

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at:
https://wiki.debian.org/LTS

A use-after-free issue in lrzip on Debian 11 bullseye has been fixed. Upgrade to prevent potential exploits.

Severity: Important. LinuxSecurity.com Team

May 06, 2026 Important Debian LTS

Slackware 15.0 lrzip Security Update Announcement SSA-2026-047-02

[slackware-security] lrzip (SSA:2026-047-02)

New lrzip packages are available for Slackware 15.0 and -current to fix security issues.

Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/lrzip-0.660-i586-1_slack15.0.txz: Upgraded.
  Address multiple potential security issues with crafted or corrupt archives.
  (* Security fix *)
+--------------------------+

Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/lrzip-0.660-i586-1_slack15.0.txz

Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/lrzip-0.660-x86_64-1_slack15.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/lrzip-0.660-i686-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/lrzip-0.660-x86_64-1.txz

MD5 signatures:
+-------------+

Slackware 15.0 package:
7b7195853cd42008bbd327cc88a07cfa lrzip-0.660-i586-1_slack15.0.txz

Slackware x86_64 15.0 package:
50fd7554d133d65497d024504718589f lrzip-0.660-x86_64-1_slack15.0.txz

Slackware -current package:
c270926a910420338e7d75da75fda273 a/lrzip-0.660-i686-1.txz

Slackware x86_64 -current package:
e066a5ac143089cbccf361730706a5a9 a/lrzip-0.660-x86_64-1.txz

Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg lrzip-0.660-i586-1_slack15.0.txz

Find out about the critical lrzip security fix for Slackware 15.0 addressing multiple potential issues with crafted archives.

Severity: Critical. LinuxSecurity.com Team

Feb 16, 2026 Critical Slackware

Ubuntu 22.04 LTS: USN-5840-1 Critical: lrzip DoS and Memory Corruption

Ubuntu Security Notice USN-5840-1
February 02, 2023

lrzip vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 ESM
- Ubuntu 14.04 ESM

Summary:

Several security issues were fixed in Long Range ZIP.

Software Description:
- lrzip: compression program with a very high compression ratio

Details:

It was discovered that Long Range ZIP incorrectly handled pointers. If a user or an automated system were tricked into opening a certain specially crafted ZIP file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2020-25467)

It was discovered that Long Range ZIP incorrectly handled pointers. If a user or an automated system were tricked into opening a certain specially crafted ZIP file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-27345, CVE-2021-27347)

It was discovered that Long Range ZIP incorrectly handled pointers. If a user or an automated system were tricked into opening a certain specially crafted ZIP file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2022-26291)

It was discovered that Long Range ZIP incorrectly handled memory allocation, which could lead to a heap memory corruption. An attacker could possibly use this issue to cause denial of service. This issue affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-28044)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.10:
  lrzip 0.651-2ubuntu0.22.10.1

Ubuntu 22.04 LTS:
  lrzip 0.651-2ubuntu0.22.04.1

Ubuntu 20.04 LTS:
  lrzip 0.631+git180528-1+deb10u1build0.20.04.1

Ubuntu 18.04 LTS:
  lrzip 0.631-1+deb9u3build0.18.04.1

Ubuntu 16.04 ESM:
  lrzip 0.621-1ubuntu0.1~esm2

Ubuntu 14.04 ESM:
  lrzip 0.616-1ubuntu0.1~esm2

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5840-1
  CVE-2018-5786, CVE-2020-25467, CVE-2021-27345, CVE-2021-27347, CVE-2022-26291, CVE-2022-28044

Package Information:
  https://launchpad.net/ubuntu/+source/lrzip/0.651-2ubuntu0.22.10.1
  https://launchpad.net/ubuntu/+source/lrzip/0.651-2ubuntu0.22.04.1
  https://launchpad.net/ubuntu/+source/lrzip/0.631+git180528-1+deb10u1build0.20.04.1
  https://launchpad.net/ubuntu/+source/lrzip/0.631-1+deb9u3build0.18.04.1

Essential update required to resolve lrzip vulnerabilities in Ubuntu that may result in service disruptions and memory-related problems.

Severity: Critical. LinuxSecurity.com Team

Feb 02, 2023 Critical Ubuntu

Debian: DSA-5146-1 Moderate: Wget Security Vulnerability Alert

Debian Security Advisory DSA-5145-1
https://www.debian.org/security/ Moritz Muehlenhoff
May 24, 2022 https://www.debian.org/security/faq

Package : lrzip
CVE ID : CVE-2018-5786 CVE-2022-26291 CVE-2022-28044

Multiple vulnerabilities have been discovered in the lrzip compression program which could result in denial of service or potentially the execution of arbitrary code.

For the oldstable distribution (buster), these problems have been fixed in version 0.631+git180528-1+deb10u1. This update also addresses CVE-2021-27345, CVE-2020-25467 and CVE-2021-27347.

For the stable distribution (bullseye), these problems have been fixed in version 0.641-1+deb11u1.

We recommend that you upgrade your lrzip packages.

For the detailed security status of lrzip please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/lrzip

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at:
https://www.debian.org/security/

Enhance your tar packages to resolve various vulnerabilities that may lead to denial of service and unauthorized code execution threats.

Severity: Important. LinuxSecurity.com Team

May 24, 2022 Important Debian

Debian 9 Stretch DLA-3005-1 Moderate: Lrzip Memory Corruption Fix

Debian LTS Advisory DLA-3005-1
https://www.debian.org/lts/security/ Stefano Rivera
May 13, 2022 https://wiki.debian.org/LTS

Package : lrzip
Version : 0.631-1+deb9u3
CVE ID : CVE-2022-28044

lrzip, a compression program, was found to have a heap memory corruption bug.

For Debian 9 stretch, this problem has been fixed in version 0.631-1+deb9u3.

We recommend that you upgrade your lrzip packages.

For the detailed security status of lrzip please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/lrzip

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at:
https://wiki.debian.org/LTS

Debian LTS Announcement DLA-3006-1 provides information about a security fix for libxml2 vulnerability in Debian 9 Stretch.

LinuxSecurity.com Team

May 13, 2022 Debian LTS

Debian: DLA-2981-1 Moderate: Lrzip DoS Due To Crafted Files

Debian LTS Advisory DLA-2981-1
https://www.debian.org/lts/security/ Sylvain Beucler
April 13, 2022 https://wiki.debian.org/LTS

Package : lrzip
Version : 0.631-1+deb9u2
CVE ID : CVE-2018-5786 CVE-2020-25467 CVE-2021-27345 CVE-2021-27347 CVE-2022-26291
Debian Bug : 888506 990583

Several security vulnerabilities have been discovered in lrzip, a compression program. Invalid pointers, use-after-free and infinite loops would allow attackers to cause a denial of service or possibly other unspecified impact via a crafted compressed file.

CVE-2018-5786

    There is an infinite loop and application hang in the get_fileinfo function (lrzip.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file.

CVE-2020-25467

    A null pointer dereference was discovered in lzo_decompress_buf in stream.c which allows an attacker to cause a denial of service (DOS) via a crafted compressed file.

CVE-2021-27345

    A null pointer dereference was discovered in ucompthread in stream.c which allows attackers to cause a denial of service (DOS) via a crafted compressed file.

CVE-2021-27347

    Use after free in lzma_decompress_buf function in stream.c allows attackers to cause Denial of Service (DoS) via a crafted compressed file.

CVE-2022-26291

    lrzip was discovered to contain a multiple concurrency use-after-free between the functions zpaq_decompress_buf() and clear_rulist(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted lrz file.

For Debian 9 stretch, these problems have been fixed in version 0.631-1+deb9u2.

We recommend that you upgrade your lrzip packages.

For the detailed security status of lrzip please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/lrzip

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at:
https://wiki.debian.org/LTS

Debian LTS Advisory DLA-2982-1 tackles vulnerabilities found in zlib library, introducing patches to mitigate potential exploitation risks.

Severity: Important. LinuxSecurity.com Team

Apr 13, 2022 Important Debian LTS

Ubuntu 18.04 LTS USN-5171-1: lrzip Denial Of Service Notice

Ubuntu Security Notice USN-5171-1
December 06, 2021

lrzip vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in Long Range ZIP.

Software Description:
- lrzip: compression program with a very high compression ratio

Details:

It was discovered that Long Range ZIP incorrectly handled certain specially crafted lrz files. A remote attacker could possibly use this issue to cause a denial of service (crash) or other unspecified impact.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS:
  lrzip 0.631-1+deb9u1build0.18.04.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5171-1
  CVE-2017-8844, CVE-2017-8846, CVE-2017-9928, CVE-2017-9929, CVE-2018-10685, CVE-2018-11496, CVE-2018-5650, CVE-2018-5747, CVE-2018-5786

Package Information:
  https://launchpad.net/ubuntu/+source/lrzip/0.631-1+deb9u1build0.18.04.1

Alert notification USN-5171-1 highlights lrzip flaws and their repercussions on Ubuntu platforms. Upgrade to mitigate risks.

Severity: Important. LinuxSecurity.com Team

Dec 06, 2021 Important Ubuntu

Debian: DLA-2724-1 High: gstreamer Buffer Overflow Security Risk

Debian LTS Advisory DLA-2725-1
https://www.debian.org/lts/security/ Markus Koschany
August 01, 2021 https://wiki.debian.org/LTS

Package : lrzip
Version : 0.631-1+deb9u1
CVE ID : CVE-2017-8844 CVE-2017-8846 CVE-2017-9928 CVE-2017-9929 CVE-2018-5650 CVE-2018-5747 CVE-2018-5786 CVE-2018-10685 CVE-2018-11496

Several security vulnerabilities have been discovered in lrzip, a compression program. Heap-based and stack buffer overflows, use-after-free and infinite loops would allow attackers to cause a denial of service or possibly other unspecified impact via a crafted file.

For Debian 9 stretch, these problems have been fixed in version 0.631-1+deb9u1.

We recommend that you upgrade your lrzip packages.

For the detailed security status of lrzip please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/lrzip

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at:
https://wiki.debian.org/LTS

Tackle lrzip weaknesses by following Debian's security patch recommendations. Safeguard system reliability via essential updates.

LinuxSecurity.com Team

Aug 01, 2021 Debian LTS
