Fedora 32 High Severity XSS in Marked: FEDORA-2020-d714c08261

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-d714c08261
2020-05-31 03:28:10.749569
--------------------------------------------------------------------------------

Name        : marked
Product     : Fedora 32
Version     : 1.1.0
Release     : 3.fc32
URL         : https://github.com/markedjs/marked
Summary     : A markdown parser for Node.js built for speed
Description :
Install this for command line tool and man page.

marked is a full-featured markdown compiler that can parse huge chunks of
markdown without having to worry about caching the compiled output or
blocking for an unnecessarily long time. marked is extremely fast and
frequently outperforms similar markdown parsers. marked is very concise and
still implements all markdown features, as well as GitHub Flavored Markdown
features. marked more or less passes the official markdown test suite in its
entirety. This is important because a surprising number of markdown compilers
cannot pass more than a few tests.
--------------------------------------------------------------------------------
Update Information:

New upstream release with bug and security fixes. Also, consolidates duplicate
packages marked and nodejs-marked. I tested upgrades from both, but may have
missed some wonky situation.
--------------------------------------------------------------------------------
ChangeLog:

* Fri May 22 2020 Stuart Gathman - 1.1.0-3
- Move web assets to js-marked
* Fri May 22 2020 Stuart Gathman - 1.1.0-2
- Move module files to nodejs-marked
- Fix shebang no longer autofixed in /usr/lib/node_modules
* Fri May 22 2020 Stuart Gathman - 1.1.0-1
- New upstream release
- CVE-2015-8854 ReDos fixed in 0.3.9
- bz#1529736 bz#1529738 - XSS w/ mangling disabled fixed in 0.3.9
- bz#1702320 ReDos vuln - CVE removed, problem not in marked
- CVE-2016-1000013 fixed in 0.7.0
- CVE-2017-17461 ReDos in dependency (still open)
- CVE-2017-1000427 XSS via data URI fixed in 0.3.7
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1185162 - NodeJS marked: VBScript Content Injection [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1185162
  [ 2 ] Bug #1186221 - marked-1.1.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1186221
  [ 3 ] Bug #1328407 - CVE-2016-1000013 marked: sanitization bypass using HTML [epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=1328407
  [ 4 ] Bug #1328408 - CVE-2016-1000013 marked: sanitization bypass using HTML [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1328408
  [ 5 ] Bug #1329535 - CVE-2015-8854 marked: regular expression denial of service [epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=1329535
  [ 6 ] Bug #1329537 - CVE-2015-8854 marked: regular expression denial of service [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1329537
  [ 7 ] Bug #1417926 - CVE-2017-1000427 marked: Cross-site scripting via Data URIs [epel-7]
        https://bugzilla.redhat.com/show_bug.cgi?id=1417926
  [ 8 ] Bug #1417927 - CVE-2017-1000427 marked: Cross-site scripting via Data URIs [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1417927
  [ 9 ] Bug #1417928 - CVE-2017-1000427 marked: Cross-site scripting via Data URIs [epel-6]
        https://bugzilla.redhat.com/show_bug.cgi?id=1417928
  [ 10 ] Bug #1529729 - marked: Cross-site Scripting (XSS) attacks via hexadecimal form of HTML [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1529729
  [ 11 ] Bug #1529730 - marked: Cross-site Scripting (XSS) attacks via hexadecimal form of HTML [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1529730
  [ 12 ] Bug #1529737 - marked: Cross-site Scripting (XSS) via autolink with mangling disabled [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1529737
  [ 13 ] Bug #1529738 - marked: Cross-site Scripting (XSS) via autolink with mangling disabled [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1529738
  [ 14 ] Bug #1550778 - marked: Regular expression denial of service in marked.js [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1550778
  [ 15 ] Bug #1550779 - marked: Regular expression denial of service in marked.js [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1550779
  [ 16 ] Bug #1702320 - marked: Regular expression denial of service in inline.text regex [epel-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1702320
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-d714c08261' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

May 30, 2020 - Fedora