Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 3 articles for you...
217
Ls Advisories Oracle Esm H240
Price Tag 1security advisorykernel updatebug fix

Oracle Linux 7 ELSA-2022-7337 Critical Kernel Security Update

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2022-7337 https://linux.oracle.com/errata/ELSA-2022-7337.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: bpftool-3.10.0-1160.80.1.0.1.el7.x86_64.rpm kernel-3.10.0-1160.80.1.0.1.el7.x86_64.rpm kernel-abi-whitelists-3.10.0-1160.80.1.0.1.el7.noarch.rpm kernel-debug-3.10.0-1160.80.1.0.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.80.1.0.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.80.1.0.1.el7.x86_64.rpm kernel-doc-3.10.0-1160.80.1.0.1.el7.noarch.rpm kernel-headers-3.10.0-1160.80.1.0.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.80.1.0.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.80.1.0.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.80.1.0.1.el7.x86_64.rpm perf-3.10.0-1160.80.1.0.1.el7.x86_64.rpm python-perf-3.10.0-1160.80.1.0.1.el7.x86_64.rpm SRPMS: https://oss.oracle.com:443/ol7/SRPMS-updates/kernel-3.10.0-1160.80.1.0.1.el7.src.rpm Related CVEs: CVE-2022-2588 CVE-2022-23816 CVE-2022-23825 CVE-2022-26373 CVE-2022-29900 CVE-2022-29901 Description of changes: [3.10.0-1160.80.1.0.1.el7.OL7] - debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499} [3.10.0-1160.80.1.el7.OL7] - Update Oracle Linux certificates (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(This email address is being protected from spambots. You need JavaScript enabled to view it.) - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64

Calendar 2 Nov 03, 2022 Critical Oracle
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedorasoftware patch

Fedora 36: 2022-930b54aa84 Major Update: PlantUML XSS Security Fix

notes=Security fix for [CVE-2022-1231]. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-930b54aa84 2022-05-07 04:08:14.315686 --------------------------------------------------------------------------------Name : plantuml Product : Fedora 36 Version : 1.2022.4 Release : 1.fc36 URL : https://plantuml.com/ Summary : Program to generate UML diagram from a text description Description : PlantUML is a program allowing to draw UML diagrams, using a simple and human readable text description. It is extremely useful for code documenting, sketching project architecture during team conversations and so on. PlantUML supports the following diagram types - sequence diagram - use case diagram - class diagram - activity diagram - component diagram - state diagram --------------------------------------------------------------------------------Update Information: notes=Security fix for [CVE-2022-1231] --------------------------------------------------------------------------------ChangeLog: * Mon Apr 18 2022 Sandipan Roy - 1:1.2022.4-1 - Updated version to 1.2022.4 - Added fix for rhbz#2076162 - Added fix for rhbz#2076163 * Mon Mar 7 2022 Sandipan Roy - 1:1.2022.2-1 - Updated version to 1.2022.2 --------------------------------------------------------------------------------References: [ 1 ] Bug #2076163 - CVE-2022-1231 plantuml: Stored XSS in the context of the diagram embedder [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2076163 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-930b54aa84' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details onthe GPG keys used by the Fedora Project can be found at --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Fedora 36 has released an update for PlantUML to mitigate a critical stored XSS vulnerability. The security advisory encompasses specific details regarding the fix implemented.. PlantUML Update, Fedora Security, XSS Bug Fix, Software Security, Open Source Patch. . Severity: Important. LinuxSecurity.com Team

Calendar 2 May 07, 2022 Important Fedora
Banner 1 1028x280 1708121660 1771599717
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisorysoftware updatebuffer overrun

Mageia 2021-0115 Moderate: pngcheck Buffer Overrun Security Issue

This update fixes a buffer-overrun bug related to the MNG LOOP chunk (which gets noticed even in PNG files if the -s option is used). (RHBZ#1908559). It also fixes a buffer overrun for certain invalid MNG PPLT chunk contents. . MGASA-2021-0115 - Updated pngcheck packages fix security vulnerabilities Publication date: 05 Mar 2021 URL: https://advisories.mageia.org/MGASA-2021-0115.html Type: security Affected Mageia releases: 7, 8 This update fixes a buffer-overrun bug related to the MNG LOOP chunk (which gets noticed even in PNG files if the -s option is used). (RHBZ#1908559). It also fixes a buffer overrun for certain invalid MNG PPLT chunk contents. (RHBZ#1907428). References: - https://bugs.mageia.org/show_bug.cgi?id=28331 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/XTD56567QSWLCTKBJNTCF6HB5GLJZCHX/ SRPMS: - 8/core/pngcheck-3.0.2-1.mga8 - 7/core/pngcheck-3.0.2-1.mga7 . Mageia 2021-0116 resolves critical vulnerabilities in libpng that could lead to security breaches. Review the patch notes for further information.. Mageia Security Advisory,Mageia pngcheck,Buffer Overrun Fix,Security Update. . LinuxSecurity.com Team

Calendar 2 Mar 05, 2021 Mageia
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryupdateFedora

Fedora 32: FEDORA-2020-db5888b6bf Major Update for OpenJDK 8 AArch32

8u242 update. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-db5888b6bf 2020-03-16 20:26:14.976843 --------------------------------------------------------------------------------Name : java-1.8.0-openjdk-aarch32 Product : Fedora 32 Version : 1.8.0.242.b07 Release : 1.fc32 URL : https://openjdk.org/ Summary : OpenJDK Runtime Environment 8 in a preview of the OpenJDK AArch32 project Description : A preview release of the upstream OpenJDK AArch32 porting project. The OpenJDK runtime environment. --------------------------------------------------------------------------------Update Information: 8u242 update --------------------------------------------------------------------------------ChangeLog: * Mon Mar 2 2020 Alex Kashchenko - 1:1.8.0.242.b07-1 - update sources to 8u242 - add gcc10 flags - sync with mainline package * Wed Jan 29 2020 Fedora Release Engineering - 1:1.8.0.232.b09-1.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild * Wed Nov 6 2019 Alex Kashchenko - 1:1.8.0.232.b09-1 - update sources to 8u232 - sync with mainline package * Fri Sep 27 2019 Alex Kashchenko - 1:1.8.0.222.b10-3 - add '-aarch32' suffix to jre symlink - fixes RHBZ#1755309 * Wed Sep 11 2019 Alex Kashchenko - 1:1.8.0.222.b10-1 - update sources to 8u222 - sync with mainline package * Thu Jul 25 2019 Fedora Release Engineering - 1:1.8.0.212.190430-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild * Mon May 6 2019 Alex Kashchenko - 1:1.8.0.212-1.190430 - update sources to 8u211 - sync with mainline package * Tue Feb 12 2019 Alex Kashchenko - 1:1.8.0.201-1.190124 - update sources to 8u201 - sync with mainline package * Tue Oct 30 2018 Alex Kashchenko - 1:1.8.0.191-1.181022 - update sources to 8u191 - sync with mainline package * Thu Aug 30 2018 Alex Kashchenko - 1:1.8.0.181-1.180802 - update sources to 8u181 - sync with mainlinepackage * Fri Jul 13 2018 Fedora Release Engineering - 1:1.8.0.171-2.180511 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild * Sun May 27 2018 Alex Kashchenko - 1:1.8.0.171-1.180511 - update sources to 8u171 - sync with mainline package * Mon Mar 12 2018 Alex Kashchenko - 1:1.8.0.161-1.180220 - update sources to 8u161 - sync with mainline package --------------------------------------------------------------------------------References: [ 1 ] Bug #1799530 - java-1.8.0-openjdk-aarch32: FTBFS in Fedora rawhide/f32 https://bugzilla.redhat.com/show_bug.cgi?id=1799530 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-db5888b6bf' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Fedora update for OpenJDK 8 8u242 enhances security and system stability for users, ensuring smooth operations.. Java Update, Fedora Security, OpenJDK Update, AArch32 Runtime, Package Announcement. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Mar 16, 2020 Important Fedora
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorycritical issuefedora

Fedora 28: FEDORA-2018-ba0b683c10 Critical: php-symfony3 Security Patch

**Version 3.4.11** (2018-05-25) * bug #27364 [DI] Fix bad exception on uninitialized references to non-shared services (nicolas-grekas) * bug #27359 [HttpFoundation] Fix perf issue during MimeTypeGuesser intialization (nicolas- grekas) * security #cve-2018-11408 [SecurityBundle] Fail if security.http_utils cannot be configured * security #cve-2018-11406 clear CSRF tokens when the user. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-ba0b683c10 2018-06-05 13:42:36.128050 --------------------------------------------------------------------------------Name : php-symfony3 Product : Fedora 28 Version : 3.4.11 Release : 1.fc28 URL : https://symfony.com/ Summary : Symfony PHP framework (version 3) Description : Symfony PHP framework (version 3). NOTE: Does not require PHPUnit bridge. --------------------------------------------------------------------------------Update Information: **Version 3.4.11** (2018-05-25) * bug #27364 [DI] Fix bad exception on uninitialized references to non-shared services (nicolas-grekas) * bug #27359 [HttpFoundation] Fix perf issue during MimeTypeGuesser intialization (nicolas-grekas) * security #cve-2018-11408 [SecurityBundle] Fail if security.http_utils cannot be configured * security #cve-2018-11406 clear CSRF tokens when the user is logged out * security #cve-2018-11385 migrating session for UsernamePasswordJsonAuthenticationListener * security #cve-2018-11385 Adding session authentication strategy to Guard to avoid session fixation * security #cve-2018-11385 Adding session strategy to ALL listeners to avoid *any* possible fixation * security #cve-2018-11386 [HttpFoundation] Break infinite loop in PdoSessionHandler when MySQL is in loose mode * bug #27341 [WebProfilerBundle] Fixed validator/dump trace CSS (yceruto) * bug #27337 [FrameworkBundle] fix typo in CacheClearCommand (emilielorenzo) ---- **Version 3.4.10** (2018-05-21) * bug#27264 [Validator] Use strict type in URL validator (mimol91) * bug #27267 [DependencyInjection] resolve array env vars (jamesthomasonjr) * bug #26781 [Form] Fix precision of MoneyToLocalizedStringTransformer's divisions on transform() (syastrebov) * bug #27286 [Translation] Add Occitan plural rule (kylekatarnls) * bug #27271 [DI] Allow defining bindings on ChildDefinition (nicolas-grekas) * bug #27246 Disallow invalid characters in session.name (ostrolucky) * bug #27287 [PropertyInfo] fix resolving parent|self type hints (nicolas-grekas) * bug #27281 [HttpKernel] Fix dealing with self/parent in ArgumentMetadataFactory (fabpot) * bug #24805 [Security] Fix logout (MatTheCat) * bug #27265 [DI] Shared services should not be inlined in non-shared ones (nicolas-grekas) * bug #27141 [Process] Suppress warnings when open_basedir is non-empty (cbj4074) * bug #27250 [Session] limiting :key for GET_LOCK to 64 chars (oleg-andreyev) * bug #27237 [Debug] Fix populating error_get_last() for handled silent errors (nicolas-grekas) * bug #27232 [Cache][Lock] Fix usages of error_get_last() (nicolas-grekas) * bug #27236 [Filesystem] Fix usages of error_get_last() (nicolas-grekas) * bug #27191 [DI] Display previous error messages when throwing unused bindings (nicolas-grekas) * bug #27231 [FrameworkBundle] Fix cache:clear on vagrant (nicolas-grekas) * bug #27222 [WebProfilerBundle][Cache] Fix misses calculation when calling getItems (fsevestre) * bug #27227 [HttpKernel] Handle NoConfigurationException "onKernelException()" (nicolas-grekas) * bug #27152 [HttpFoundation] use brace-style regex delimiters (xabbuh) * bug #27158 [Cache] fix logic for fetching tag versions on TagAwareAdapter (dmaicher) * bug #27143 [Console] By default hide the short exception trace line from exception messages in Symfony's commands (yceruto) * bug #27133 [Doctrine Bridge] fix priority for doctrine event listeners (dmaicher) * bug #27135 [FrameworkBundle] Use the correct service id for CachePoolPruneCommandin its compiler pass (DemonTPx) --------------------------------------------------------------------------------ChangeLog: * Mon May 28 2018 Remi Collet - 3.4.11-1 - update to 3.4.11 * Thu May 24 2018 Remi Collet - 3.4.10-1 - update to 3.4.10 - ignore new dependency on symfony/polyfill-ctype * Fri May 4 2018 Remi Collet - 3.4.9-1 - update to 3.4.9 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-ba0b683c10' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./message/WU5N2TZFNGXDGMXMPP7LZCWTFLENF6WH/ . This software patch resolves essential vulnerabilities in php-symfony3, enhancing framework reliability and efficiency on Fedora.. php Symfony3, Fedora Security Update, Major Security Patch. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jun 05, 2018 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoramajor update

Fedora 27: Knot DNS Major Update and Security Enhancements

Major update for Knot DNS and Knot Resolver: Knot Resolver 1.5.0 (2017-11-02) Darwin Improvements ------------ - new module ta_signal_query supporting Signaling Trust Anchor Knowledge using Keytag Query (RFC 8145 section 5); it is enabled by default - attempt validation for more records but require it for. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-7a7ea1cf50 2017-11-17 15:29:48.997756 --------------------------------------------------------------------------------Name : knot Product : Fedora 27 Version : 2.6.1 Release : 1.fc27 URL : https://www.knot-dns.cz/ Summary : High-performance authoritative DNS server Description : Knot DNS is a high-performance authoritative DNS server implementation. --------------------------------------------------------------------------------Update Information: Major update for Knot DNS and Knot Resolver: Knot Resolver 1.5.0 (2017-11-02) ================================ Bugfixes -------- - fix loading modules on Darwin Improvements ------------ - new module ta_signal_query supporting Signaling Trust Anchor Knowledge using Keytag Query (RFC 8145 section 5); it is enabled by default - attempt validation for more records but require it for fewer of them (e.g. avoids SERVFAIL when server adds extra records but omits RRSIGs) Knot Resolver 1.4.0 (2017-09-22) ===============================Incompatible changes -------------------- - lua: query flag-sets are no longer represented as plain integers. kres.query.* no longer works, and kr_query_t lost trivial methods 'hasflag' and 'resolved'. You can instead write code like qry.flags.NO_0X20 = true. Bugfixes -------- - fix exiting one of multiple forks (#150) - cache: change the way of using LMDB transactions. That in particular fixes some cases of using too much space with multiple kresd forks (#240). Improvements ------------ - policy.suffix: update the aho-corasick code (#200) - roothints are now loaded from a zonefile; exposed as hints.root_file(). You can override the path by defining ROOTHINTS during compilation. - policy.FORWARD: work around resolvers adding unsigned NS records (#248) - reduce unneeded records previously put into authority in wildcarded answers Knot Resolver 1.3.3 (2017-08-09) ===============================Security -------- - Fix a critical DNSSEC flaw. Signatures might be accepted as valid even if the signed data was not in bailiwick of the DNSKEY used to sign it, assuming the trust chain to that DNSKEY was valid. Bugfixes -------- -iterate: skip RRSIGs with bad label count instead of immediate SERVFAIL - utils: fix possible incorrect seeding of the random generator - modules/http: fix compatibility with the Prometheus text format Improvements ------------ -policy: implement remaining special-use domain names from RFC6761 (#205), and make these rules apply only if no other non-chain rule applies Knot DNS 2.6.1 (2017-11-02) =========================== Features: --------- - NSEC3 Opt-Out support in the DNSSEC signing - New CDS/CDNSKEY publish configuration option Improvements: ------------- - Simplified DNSSEC log message with DNSKEY details - +tls-hostname in kdig implies +tls-ca if neither +tls-ca nor +tls-pin is given - New documentation sections for DNSSEC key rollovers and shared keys - Keymgr no longer prints useless algorithm number for generated key - Kdig prints unknown RCODE in a numeric format - Better support for LLVM libFuzzer Bugfixes: --------- - Faulty DNAME semantic check if present in the zone apex and NSEC3 is used - Immediate zone flush not scheduled during the zone load event - Server crashes upon dynamic zone addition if a query module is loaded - Kdig fails to connect over TLS due to SNI is set to server IP address -Possible out-of-bounds memory access at the end of the input - TCP Fast Open enabled by default in kdig breaks TLS connection Knot DNS 2.6.0 (2017-09-29) =========================== Features: --------- - On-slave (inline) signing support - Automatic DNSSEC key algorithm rollover - Ed25519 algorithm support in DNSSEC (requires GnuTLS 3.6.0) - New 'journal-content' and 'zonefile-load' configuration options - keymgr tries to run as user/group set in the configuration - Public-only DNSSEC key import into KASP DB via keymgr - NSEC3 resalt and parent DS query events are persistent in timer DB - New processing state for a response suppression within a query module - Enabled server side TCP Fast Open if supported - TCP Fast Open support in kdig Improvements: ------------- - Better record owner compression if related to the previous rdata dname - NSEC(3) chain is no longer recomputed whole on every update -Remove inconsistent and unnecessary quoting in log files - Avoiding of overlapping key rollovers at a time - More DNSSSEC-related semantic checks -Extended timestamp format in keymgr Bugfixes: --------- - Incorrect journal free space computation causing inefficient space handling - Interface-automatic broken on Linux in the presence of asymmetric routing Knot DNS 2.5.6 (2017-11-02) =========================== Improvements: ------------- - Keymgr no longer prints useless algorithm number for generated key Bugfixes: ---------- Faulty DNAME semantic check if present in the zone apex and NSEC3 is used -Immediate zone flush not scheduled during the zone load event - Server crashes upon dynamic zone addition if a query module is loaded - Kdig fails to connect over TLS due to SNI is set to server IP address Knot DNS 2.5.5 (2017-09-29) =========================== Improvements: ------------- - Constant time memory comparison in the TSIG processing - Proper use of the ctype functions -Generated RRSIG records have inception time 90 minutes in the past Bugfixes: --------- - Incorrect online signature for NSEC in the case of a CNAME record - Incorrect timestamps in dnstap records - EDNS Subnet Client validation rejects valid payloads - Moduleconfiguration semantic checks are not executed - Kzonecheck segfaults with unusual inputs Knot DNS 2.5.4 (2017-08-31) =========================== Improvements: ------------- - New minimum and maximum refresh interval config options (Thanks to Manabu Sonoda) - New warning when unforced flush with disabled zone file synchronization - New 'dnskey' keymgr command - Linking with libatomic on architectures that require it (Thanks to Pierre-Olivier Mercier) - Removed 'OK' from listing keymgr command outputs - Extended journal and keymgr documentation and logging Bugfixes: --------- - Incorrect handling of specific corner-cases with zone-in-journal -The 'share' keymgr command doesn't work - Server crashes if configured with query-size and reply-size statistics options - Malformed big integer configuration values on some 32-bit platforms - Keymgr uses local time when parsing date inputs - Memory leak in kdig upon IXFR query --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade knot' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . Uncover key updates in Knot DNS, emphasizing advancements and problem resolutions, with attention to enhancements in DNSSEC and rectifications of bugs.. KnotDNS, Fedora Update, DNS Security, DNS Improvements, Resolver Updates. . LinuxSecurity.com Team

Calendar 2 Nov 17, 2017 Fedora
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoramajor update

Fedora 23: FEDORA-2015-12739 Major Update for Python-KDCProxy Security

Fixes CVE-2015-5159 Update to 0.3.1 Update to 0.3.1. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-12739 2016-01-15 20:06:26.126273 -------------------------------------------------------------------------------- Name : python-kdcproxy Product : Fedora 23 Version : 0.3.2 Release : 1.fc23 URL : https://github.com/latchset/kdcproxy Summary : MS-KKDCP (kerberos proxy) WSGI module Description : This package contains a Python 2.x WSGI module for proxying KDC requests over HTTP by following the MS-KKDCP protocol. It aims to be simple to deploy, with minimal configuration. -------------------------------------------------------------------------------- Update Information: Fixes CVE-2015-5159 Update to 0.3.1 Update to 0.3.1 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update python-kdcproxy' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . The most recent security patch for Python-kdcproxy on Fedora 23 resolves critical vulnerabilities and rectifies problems related to KDC request handling.. Fedora 23,python-kdcproxy,KDC requests,security update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jan 15, 2016 Important Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorynetwork securitysoftware update

Fedora 22 nss-softokn Security Update Moderate Cryptographic Issue

firefox-42.0-2.fc22 - Update to 42.0 firefox-42.0-2.fc21 - Update to 42.0 firefox-42.0-2.fc23 - Update to 42.0 nspr-4.10.10-1.fc23 - Update to NSPR_4_10_10_RTM nspr-4.10.10-1.fc21 - Update to NSPR_4_10_10_RTM nspr-4.10.10-1.fc22 - Update to NSPR_4_10_10_RTM. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-5b5109510c 2015-11-04 18:18:57.362994 -------------------------------------------------------------------------------- Name : nss-softokn Product : Fedora 22 Version : 3.20.1 Release : 1.0.fc22 URL : https://firefox-source-docs.mozilla.org/security/nss/index.html Summary : Network Security Services Softoken Module Description : Network Security Services Softoken Cryptographic Module -------------------------------------------------------------------------------- Update Information: firefox-42.0-2.fc22 - Update to 42.0 firefox-42.0-2.fc21 - Update to 42.0 firefox-42.0-2.fc23 - Update to 42.0 nspr-4.10.10-1.fc23 - Update to NSPR_4_10_10_RTM nspr-4.10.10-1.fc21 - Update to NSPR_4_10_10_RTM nspr-4.10.10-1.fc22 - Update to NSPR_4_10_10_RTM -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update nss-softokn' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . Fedora Patch Announcement for nss-softokn focusing on critical vulnerabilities related to upgraded components to bolster overall systemsecurity.. nss-softokn, Fedora Update, cryptography. . LinuxSecurity.com Team

Calendar 2 Nov 04, 2015 Fedora
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here