Explore top 10 tips to secure your open-source projects now. Read More
×
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-8421 http://linux.oracle.com/errata/ELSA-2025-8421.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: ghostscript-9.27-17.el8_10.x86_64.rpm ghostscript-x11-9.27-17.el8_10.x86_64.rpm libgs-9.27-17.el8_10.i686.rpm libgs-9.27-17.el8_10.x86_64.rpm ghostscript-doc-9.27-17.el8_10.noarch.rpm ghostscript-tools-dvipdf-9.27-17.el8_10.x86_64.rpm ghostscript-tools-fonts-9.27-17.el8_10.x86_64.rpm ghostscript-tools-printing-9.27-17.el8_10.x86_64.rpm libgs-devel-9.27-17.el8_10.i686.rpm libgs-devel-9.27-17.el8_10.x86_64.rpm aarch64: ghostscript-9.27-17.el8_10.aarch64.rpm ghostscript-x11-9.27-17.el8_10.aarch64.rpm libgs-9.27-17.el8_10.aarch64.rpm ghostscript-doc-9.27-17.el8_10.noarch.rpm ghostscript-tools-dvipdf-9.27-17.el8_10.aarch64.rpm ghostscript-tools-fonts-9.27-17.el8_10.aarch64.rpm ghostscript-tools-printing-9.27-17.el8_10.aarch64.rpm libgs-devel-9.27-17.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//ghostscript-9.27-17.el8_10.src.rpm Related CVEs: CVE-2025-27832 Description of changes: [9.27-17] - RHEL-88965 CVE-2025-27832 ghostscript: NPDL device: Compression buffer overflow _______________________________________________ El-errata mailing list
The package dropbear before version 2025.88-1 is vulnerable to arbitrary command execution. . Arch Linux Security Advisory ASA-202505-9 ========================================= Severity: Medium Date : 2025-05-19 CVE-ID : CVE-2025-47203 Package : dropbear Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-2874 Summary ======= The package dropbear before version 2025.88-1 is vulnerable to arbitrary command execution. Resolution ========== Upgrade to 2025.88-1. # pacman -Syu "dropbear> =2025.88-1" The problem has been fixed upstream in version 2025.88. Workaround ========== None. Description =========== dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used. Impact ====== A remote attacker can craft a malicious hostname to execute arbitrary commands on a system using dbclient if the hostname is passed without proper sanitization. References ========== https://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2025q2/002385.html https://security.archlinux.org/CVE-2025-47203 . The Debian Security Announcement DSA-202507-5 highlights a medium-risk vulnerability in the samba package. It is recommended to perform an update.. Arbitrary Command Execution, Arch Linux Dropbear, Security Advisory. . Severity: Medium. LinuxSecurity.com Team
BUG/MEDIUM: sample: fix risk of overflow when replacing multiple regex back-refsAleandro Prudenzano of Doyensec and Edoardo Geraci of Codean Labs reported a bug in sample_conv_regsub(), which can cause replacements of multiple back-references to overflow the temporary trash buffer. The problem happens when doing "regsub(match,replacement,g)": . MGASA-2025-0138 - Updated haproxy packages fix security vulnerability Publication date: 25 Apr 2025 URL: https://advisories.mageia.org/MGASA-2025-0138.html Type: security Affected Mageia releases: 9 CVE: CVE-2025-32464 BUG/MEDIUM: sample: fix risk of overflow when replacing multiple regex back-refsAleandro Prudenzano of Doyensec and Edoardo Geraci of Codean Labs reported a bug in sample_conv_regsub(), which can cause replacements of multiple back-references to overflow the temporary trash buffer. The problem happens when doing "regsub(match,replacement,g)": we're replacing every occurrence of "match" with "replacement" in the input sample, which requires a length check. For this, a max is applied, so that a replacement may not use more than the remaining length in the buffer. However, the length check is made on the replaced pattern and not on the temporary buffer used to carry the new string. This results in the remaining size to be usable for each input match, which can go beyond the temporary buffer size if more than one occurrence has to be replaced with something that's larger than the remaining room. References: - https://bugs.mageia.org/show_bug.cgi?id=34186 - https://ubuntu.com/security/notices/USN-7431-1 - - https://www.cve.org/CVERecord?id=CVE-2025-32464 SRPMS: - 9/core/haproxy-2.8.14-1.1.mga9 . Newly released HAProxy updates tackle buffer overflow vulnerabilities in Mageia related to CVE-2025-32464. Check for complete resolution information.. Haproxy Update,Mageia Security,Security Advisory,Overflow Vulnerability,Medium Severity Advisory. . Severity: Medium. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-4043 http://linux.oracle.com/errata/ELSA-2025-4043.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: bluez-5.63-5.el8_10.x86_64.rpm bluez-cups-5.63-5.el8_10.x86_64.rpm bluez-hid2hci-5.63-5.el8_10.x86_64.rpm bluez-libs-5.63-5.el8_10.i686.rpm bluez-libs-5.63-5.el8_10.x86_64.rpm bluez-obexd-5.63-5.el8_10.x86_64.rpm bluez-libs-devel-5.63-5.el8_10.i686.rpm bluez-libs-devel-5.63-5.el8_10.x86_64.rpm aarch64: bluez-5.63-5.el8_10.aarch64.rpm bluez-cups-5.63-5.el8_10.aarch64.rpm bluez-hid2hci-5.63-5.el8_10.aarch64.rpm bluez-libs-5.63-5.el8_10.aarch64.rpm bluez-obexd-5.63-5.el8_10.aarch64.rpm bluez-libs-devel-5.63-5.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//bluez-5.63-5.el8_10.src.rpm Related CVEs: CVE-2023-27349 CVE-2023-51589 Description of changes: [5.63-5] + bluez-5.63-5 - Resolves: RHEL-35371 - Fixing CVE-2023-27349 - Resolves: RHEL-35492 - Fixing CVE-2023-51589 [5.63-4] + bluez-5.63-4 - Resolves: RHEL-35501 - Fixing CVE-2023-50230 - Resolves: RHEL-35504 - Fixing CVE-2023-50229 _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-3913 http://linux.oracle.com/errata/ELSA-2025-3913.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: expat-2.2.5-17.0.1.el8_10.i686.rpm expat-2.2.5-17.0.1.el8_10.x86_64.rpm expat-devel-2.2.5-17.0.1.el8_10.i686.rpm expat-devel-2.2.5-17.0.1.el8_10.x86_64.rpm aarch64: expat-2.2.5-17.0.1.el8_10.aarch64.rpm expat-devel-2.2.5-17.0.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//expat-2.2.5-17.0.1.el8_10.src.rpm Related CVEs: CVE-2024-8176 Description of changes: [2.2.5-17.0.1] - lib: Prevent integer overflow in doProlog [CVE-2022-23990][Orabug: 33910314] [2.2.5-17] - Fix CVE-2024-8176 - Resolves: RHEL-57477 _______________________________________________ El-errata mailing list
libcap2 would allow unintended capabilities.. ========================================================================== Ubuntu Security Notice USN-7287-1 February 24, 2025 libcap2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: libcap2 would allow unintended capabilities. Software Description: - libcap2: POSIX 1003.1e capabilities (library) Details: Tianjia Zhang discovered the libcap2 PAM module pam_cap incorrectly handled parsing group names in the configuration file. This could result in certain users being granted capabilities, contrary to expectations. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.10 libpam-cap 1:2.66-5ubuntu3.1 Ubuntu 24.04 LTS libpam-cap 1:2.66-5ubuntu2.2 Ubuntu 22.04 LTS libpam-cap 1:2.44-1ubuntu0.22.04.2 Ubuntu 20.04 LTS libpam-cap 1:2.32-1ubuntu0.2 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7287-1 CVE-2025-1390 Package Information: https://launchpad.net/ubuntu/+source/libcap2/1:2.66-5ubuntu3.1 https://launchpad.net/ubuntu/+source/libcap2/1:2.66-5ubuntu2.2 https://launchpad.net/ubuntu/+source/libcap2/1:2.44-1ubuntu0.22.04.2 https://launchpad.net/ubuntu/+source/libcap2/1:2.32-1ubuntu0.2 . Ubuntu Security Bulletin USN-7288-2 highlights a vulnerability in libcap2 that may grant excessive permissions. Immediate patching necessary.. libcap2 security, Ubuntu update, PAM module issue, capabilities management, security advisory. . Severity: Medium. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-1329 http://linux.oracle.com/errata/ELSA-2025-1329.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: doxygen-1.9.1-12.el9_5.x86_64.rpm doxygen-doxywizard-1.9.1-12.el9_5.x86_64.rpm doxygen-latex-1.9.1-12.el9_5.x86_64.rpm aarch64: doxygen-1.9.1-12.el9_5.aarch64.rpm doxygen-doxywizard-1.9.1-12.el9_5.aarch64.rpm doxygen-latex-1.9.1-12.el9_5.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//doxygen-1.9.1-12.el9_5.src.rpm Related CVEs: CVE-2020-11023 Description of changes: [1:1.9.1-12] - Resolves: RHEL-78146, CVE-2020-11023, CVE-2020-11022 _______________________________________________ El-errata mailing list
Security fix for CVE-2025-0938. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-f613fe78b6 2025-02-13 02:00:53.381637+00:00 -------------------------------------------------------------------------------- Name : python3.11 Product : Fedora 40 Version : 3.11.11 Release : 5.fc40 URL : https://www.python.org/ Summary : Version 3.11 of the Python interpreter Description : Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable: the reference interpreter for the Python language, version 3. The majority of its standard library is provided in the python3.11-libs package, which should be installed automatically along with python3.11. The remaining parts of the Python standard library are broken out into the python3.11-tkinter and python3.11-test packages, which may need to be installed separately. Documentation for Python is provided in the python3.11-docs package. Packages containing additional libraries for Python are generally named with the "python3.11-" prefix. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2025-0938 -------------------------------------------------------------------------------- ChangeLog: * Mon Feb 10 2025 Charalampos Stratakis - 3.11.11-5 - Security fix for CVE-2025-0938 - Fixes: rhbz#2343272 * Thu Feb 6 2025 Miro HronÄok - 3.11.11-4 - Rebuilt with mpdecimal 4.0.0 * Sat Feb 1 2025 Björn Esser - 3.11.11-3 - Add explicit BR: libxcrypt-devel * Sat Jan 18 2025 Fedora Release Engineering - 3.11.11-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ]Bug #2343272 - CVE-2025-0938 python3.11: URL parser allowed square brackets in domain names [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2343272 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-f613fe78b6' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Fedora 40 has issued a security advisory for CVE-2025-0938 concerning python3.11, detailing serious vulnerabilities along with essential patch info to address risks. Fedora python3.11 security update, CVE-2025-0938 fix, python security advisories. . LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.