
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories

We found 6 articles for you...

SUSE: Concerns Over Samba Exploitation and Vulnerability Issues 2025:4380-2

# Security update for samba

Announcement ID: SUSE-SU-2025:3677-1
Release Date: 2025-10-20T08:37:56Z
Rating: critical

References:

* bsc#1251279
* bsc#1251280

Cross-References:

* CVE-2025-10230
* CVE-2025-9640

CVSS scores:

* CVE-2025-10230 (SUSE): 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
* CVE-2025-9640 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-9640 (NVD): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected Products:

* openSUSE Leap 15.3
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Availability Extension 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 Business Critical Linux
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Manager Proxy 4.2
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Server 4.2

An update that solves two vulnerabilities can now be installed.

## Description:

This update for samba fixes the following issues:

* CVE-2025-9640: Fixed vfs_streams_xattr uninitialized memory write (bsc#1251279).
* CVE-2025-10230: Fixed command Injection in WINS Server Hook Script (bsc#1251280).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  zypper in -t patch SUSE-2025-3677=1
* SUSE Linux Enterprise High Availability Extension 15 SP3
  zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2025-3677=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-3677=1
* SUSE Linux Enterprise Server 15 SP3 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-3677=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-3677=1
* SUSE Enterprise Storage 7.1
  zypper in -t patch SUSE-Storage-7.1-2025-3677=1
* SUSE Linux Enterprise Micro 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-3677=1
* SUSE Linux Enterprise Micro for Rancher 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-3677=1

## References:

* https://www.suse.com/security/cve/CVE-2025-10230.html
* https://www.suse.com/security/cve/CVE-2025-9640.html
* https://bugzilla.suse.com/show_bug.cgi?id=1251279
* https://bugzilla.suse.com/show_bug.cgi?id=1251280

SUSE has issued a critical security advisory for Samba, addressing significant vulnerabilities including command injection and memory issues.

SUSE Samba Critical Update, Samba Vulnerability Fix, Samba Security Advisory.

Severity: Critical.

LinuxSecurity.com Team

Oct 20, 2025 Critical SuSE

Gentoo: GLSA-202407-02 Normal Severity: SDL_ttf Memory Write Issue

A vulnerability has been discovered in SDL_ttf, which can lead to arbitrary memory writes.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202407-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: SDL_ttf: Arbitrary Memory Write
Date: July 01, 2024
Bugs: #843434
ID: 202407-02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability has been discovered in SDL_ttf, which can lead to arbitrary memory writes.

Background
==========

SDL_ttf is a wrapper around the FreeType and Harfbuzz libraries, allowing you to use TrueType fonts to render text in SDL applications.

Affected packages
=================

Package              Vulnerable    Unaffected
-------------------  ------------  ------------
media-libs/sdl2-ttf  < 2.20.0      >= 2.20.0

Description
===========

A vulnerability has been discovered in SDL_ttf. Please review the CVE identifier referenced below for details.

Impact
======

SDL_ttf was discovered to contain an arbitrary memory write via the function TTF_RenderText_Solid(). This vulnerability is triggered via a crafted TTF file.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All SDL_ttf users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=media-libs/sdl2-ttf-2.20.0"

References
==========

[ 1 ] CVE-2022-27470
      https://nvd.nist.gov/vuln/detail/CVE-2022-27470

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/202407-02

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address protected] or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2024 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

A recent vulnerability in SDL_ttf has been discovered in Gentoo Linux, outlined in advisory GLSA 202407-02, categorized with normal severity. Users should update their systems promptly.

Gentoo Linux, SDL_ttf, Arbitrary Memory Write, Security Updates, Software Vulnerabilities.

LinuxSecurity.com Team

Jul 01, 2024 Gentoo

openSUSE 15.5: SUSE-SU-2023:4925-1 Important: Memory Write Issue

This update for xorg-x11-server fixes the following issues: CVE-2023-6377: Fixed out-of-bounds memory write in XKB button actions (bsc#1217765).

# Security update for xorg-x11-server

Announcement ID: SUSE-SU-2023:4925-1
Rating: important

References:

* bsc#1217765

Cross-References:

* CVE-2023-6377

CVSS scores:

* CVE-2023-6377 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP5
* Development Tools Module 15-SP5
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for xorg-x11-server fixes the following issues:

* CVE-2023-6377: Fixed out-of-bounds memory write in XKB button actions (bsc#1217765).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2023-4925=1 openSUSE-SLE-15.5-2023-4925=1
* Basesystem Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-4925=1
* Development Tools Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2023-4925=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
  * xorg-x11-server-sdk-21.1.4-150500.7.13.1
  * xorg-x11-server-extra-debuginfo-21.1.4-150500.7.13.1
  * xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.13.1
  * xorg-x11-server-extra-21.1.4-150500.7.13.1
  * xorg-x11-server-21.1.4-150500.7.13.1
  * xorg-x11-server-debuginfo-21.1.4-150500.7.13.1
  * xorg-x11-server-debugsource-21.1.4-150500.7.13.1
  * xorg-x11-server-source-21.1.4-150500.7.13.1
  * xorg-x11-server-Xvfb-21.1.4-150500.7.13.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * xorg-x11-server-extra-debuginfo-21.1.4-150500.7.13.1
  * xorg-x11-server-Xvfb-debuginfo-21.1.4-150500.7.13.1
  * xorg-x11-server-extra-21.1.4-150500.7.13.1
  * xorg-x11-server-21.1.4-150500.7.13.1
  * xorg-x11-server-debuginfo-21.1.4-150500.7.13.1
  * xorg-x11-server-debugsource-21.1.4-150500.7.13.1
  * xorg-x11-server-Xvfb-21.1.4-150500.7.13.1
* Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * xorg-x11-server-debuginfo-21.1.4-150500.7.13.1
  * xorg-x11-server-debugsource-21.1.4-150500.7.13.1
  * xorg-x11-server-sdk-21.1.4-150500.7.13.1

## References:

* https://www.suse.com/security/cve/CVE-2023-6377.html
* https://bugzilla.suse.com/show_bug.cgi?id=1217765

Handling CVE-2023-6378: Urgent xorg-server security update for the latest openSUSE version.

openSUSE Security, xorg-x11-server Update, Memory Write Issue, Software Patch.

Severity: Important.

LinuxSecurity.com Team

Dec 20, 2023 Important OpenSUSE

Rocky Linux 9 RLSA-2023:1368 Important NSS Memory Write Fix

Important: nss security and bug fix update.

* Name: RLSA-2023:1368
* Short code: RL
* Type: TYPE_SECURITY
* Severity: SEVERITY_IMPORTANT
* Synopsis: Important: nss security and bug fix update
* Affected products: Rocky Linux 9
* Published: 2023-03-28T13:08:18.662791Z
* Reboot suggested: false

Topic:

An update is available for nss.
This update affects Rocky Linux 9.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

Description:

Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.

Security Fix(es):

* nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767)

Bug Fix(es):

* In FIPS mode, nss should reject RSASSA-PSS salt lengths larger than the output size of the hash function used, or provide an indicator. (BZ#2177434)
* Need to update FIPS review comments into NSS Rocky Linux-9. (BZ#2177875)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Fixes:

* 2170377 (Red Hat): https://bugzilla.redhat.com/show_bug.cgi?id=2170377
* 2177434 (Red Hat): https://bugzilla.redhat.com/show_bug.cgi?id=2177434
  In FIPS mode, nss should reject RSASSA-PSS salt lengths larger than the output size of the hash function used, or provide an indicator.
* 2177875 (Red Hat): https://bugzilla.redhat.com/show_bug.cgi?id=2177875
  Need to update FIPS review comments into NSS RHEL-9.

CVEs:

* CVE-2023-0767 (MITRE): https://www.cve.org/CVERecord?id=CVE-2023-0767 (CVSS v3 scoring vector: UNKNOWN; CVSS v3 base score: UNKNOWN; CWE: UNKNOWN)

Rocky Linux 9 introduces a crucial nss security and bug fix update that tackles memory write issues.

NSS Security Fix, Rocky Linux Updates, Security Advisories, RLSA-2023:1368.

Severity: Important.

LinuxSecurity.com Team

Mar 28, 2023 Important Rocky Linux

Red Hat Enterprise: 8.4 Important NSS Update RHSA-2023:1370-01 Memory Issue

An update for nss is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: nss security update Advisory ID: RHSA-2023:1370-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:1370 Issue date: 2023-03-21 CVE Names: CVE-2023-0767 ==================================================================== 1. Summary: An update for nss is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream EUS (v.8.4) - aarch64, ppc64le, s390x, x86_64 3. Description: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es): * nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 2170377 - CVE-2023-0767 nss:Arbitrary memory write via PKCS 12 6. 
Package List: Red Hat Enterprise Linux AppStream EUS(v.8.4): Source: nss-3.67.0-8.el8_4.src.rpm aarch64: nss-3.67.0-8.el8_4.aarch64.rpm nss-debuginfo-3.67.0-8.el8_4.aarch64.rpm nss-debugsource-3.67.0-8.el8_4.aarch64.rpm nss-devel-3.67.0-8.el8_4.aarch64.rpm nss-softokn-3.67.0-8.el8_4.aarch64.rpm nss-softokn-debuginfo-3.67.0-8.el8_4.aarch64.rpm nss-softokn-devel-3.67.0-8.el8_4.aarch64.rpm nss-softokn-freebl-3.67.0-8.el8_4.aarch64.rpm nss-softokn-freebl-debuginfo-3.67.0-8.el8_4.aarch64.rpm nss-softokn-freebl-devel-3.67.0-8.el8_4.aarch64.rpm nss-sysinit-3.67.0-8.el8_4.aarch64.rpm nss-sysinit-debuginfo-3.67.0-8.el8_4.aarch64.rpm nss-tools-3.67.0-8.el8_4.aarch64.rpm nss-tools-debuginfo-3.67.0-8.el8_4.aarch64.rpm nss-util-3.67.0-8.el8_4.aarch64.rpm nss-util-debuginfo-3.67.0-8.el8_4.aarch64.rpm nss-util-devel-3.67.0-8.el8_4.aarch64.rpm ppc64le: nss-3.67.0-8.el8_4.ppc64le.rpm nss-debuginfo-3.67.0-8.el8_4.ppc64le.rpm nss-debugsource-3.67.0-8.el8_4.ppc64le.rpm nss-devel-3.67.0-8.el8_4.ppc64le.rpm nss-softokn-3.67.0-8.el8_4.ppc64le.rpm nss-softokn-debuginfo-3.67.0-8.el8_4.ppc64le.rpm nss-softokn-devel-3.67.0-8.el8_4.ppc64le.rpm nss-softokn-freebl-3.67.0-8.el8_4.ppc64le.rpm nss-softokn-freebl-debuginfo-3.67.0-8.el8_4.ppc64le.rpm nss-softokn-freebl-devel-3.67.0-8.el8_4.ppc64le.rpm nss-sysinit-3.67.0-8.el8_4.ppc64le.rpm nss-sysinit-debuginfo-3.67.0-8.el8_4.ppc64le.rpm nss-tools-3.67.0-8.el8_4.ppc64le.rpm nss-tools-debuginfo-3.67.0-8.el8_4.ppc64le.rpm nss-util-3.67.0-8.el8_4.ppc64le.rpm nss-util-debuginfo-3.67.0-8.el8_4.ppc64le.rpm nss-util-devel-3.67.0-8.el8_4.ppc64le.rpm s390x: nss-3.67.0-8.el8_4.s390x.rpm nss-debuginfo-3.67.0-8.el8_4.s390x.rpm nss-debugsource-3.67.0-8.el8_4.s390x.rpm nss-devel-3.67.0-8.el8_4.s390x.rpm nss-softokn-3.67.0-8.el8_4.s390x.rpm nss-softokn-debuginfo-3.67.0-8.el8_4.s390x.rpm nss-softokn-devel-3.67.0-8.el8_4.s390x.rpm nss-softokn-freebl-3.67.0-8.el8_4.s390x.rpm nss-softokn-freebl-debuginfo-3.67.0-8.el8_4.s390x.rpm 
nss-softokn-freebl-devel-3.67.0-8.el8_4.s390x.rpm nss-sysinit-3.67.0-8.el8_4.s390x.rpm nss-sysinit-debuginfo-3.67.0-8.el8_4.s390x.rpm nss-tools-3.67.0-8.el8_4.s390x.rpm nss-tools-debuginfo-3.67.0-8.el8_4.s390x.rpm nss-util-3.67.0-8.el8_4.s390x.rpm nss-util-debuginfo-3.67.0-8.el8_4.s390x.rpm nss-util-devel-3.67.0-8.el8_4.s390x.rpm x86_64: nss-3.67.0-8.el8_4.i686.rpm nss-3.67.0-8.el8_4.x86_64.rpm nss-debuginfo-3.67.0-8.el8_4.i686.rpm nss-debuginfo-3.67.0-8.el8_4.x86_64.rpm nss-debugsource-3.67.0-8.el8_4.i686.rpm nss-debugsource-3.67.0-8.el8_4.x86_64.rpm nss-devel-3.67.0-8.el8_4.i686.rpm nss-devel-3.67.0-8.el8_4.x86_64.rpm nss-softokn-3.67.0-8.el8_4.i686.rpm nss-softokn-3.67.0-8.el8_4.x86_64.rpm nss-softokn-debuginfo-3.67.0-8.el8_4.i686.rpm nss-softokn-debuginfo-3.67.0-8.el8_4.x86_64.rpm nss-softokn-devel-3.67.0-8.el8_4.i686.rpm nss-softokn-devel-3.67.0-8.el8_4.x86_64.rpm nss-softokn-freebl-3.67.0-8.el8_4.i686.rpm nss-softokn-freebl-3.67.0-8.el8_4.x86_64.rpm nss-softokn-freebl-debuginfo-3.67.0-8.el8_4.i686.rpm nss-softokn-freebl-debuginfo-3.67.0-8.el8_4.x86_64.rpm nss-softokn-freebl-devel-3.67.0-8.el8_4.i686.rpm nss-softokn-freebl-devel-3.67.0-8.el8_4.x86_64.rpm nss-sysinit-3.67.0-8.el8_4.x86_64.rpm nss-sysinit-debuginfo-3.67.0-8.el8_4.i686.rpm nss-sysinit-debuginfo-3.67.0-8.el8_4.x86_64.rpm nss-tools-3.67.0-8.el8_4.x86_64.rpm nss-tools-debuginfo-3.67.0-8.el8_4.i686.rpm nss-tools-debuginfo-3.67.0-8.el8_4.x86_64.rpm nss-util-3.67.0-8.el8_4.i686.rpm nss-util-3.67.0-8.el8_4.x86_64.rpm nss-util-debuginfo-3.67.0-8.el8_4.i686.rpm nss-util-debuginfo-3.67.0-8.el8_4.x86_64.rpm nss-util-devel-3.67.0-8.el8_4.i686.rpm nss-util-devel-3.67.0-8.el8_4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2023-0767 https://access.redhat.com/security/updates/classification#important 8. 
Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. Get the most recent security patch for Red Hat's NSS, addressing a critical flaw related to uncontrolled memory writing. Red Hat Enterprise, nss update, security advisory, important fix, memory write. Severity: Important. LinuxSecurity.com Team

Mar 23, 2023 Important Red Hat

Red Hat 9.0: RHSA-2023:1365-01 High: nss Memory Write Risk

An update for nss is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: nss security and bug fix update Advisory ID: RHSA-2023:1365-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:1365 Issue date: 2023-03-21 CVE Names: CVE-2023-0767 ==================================================================== 1. Summary: An update for nss is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream EUS (v.9.0) - aarch64, ppc64le, s390x, x86_64 3. Description: Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Security Fix(es): * nss: Arbitrary memory write via PKCS 12 (CVE-2023-0767) Bug Fix(es): * In FIPS mode, nss should reject RSASSA-PSS salt lengths larger than the output size of the hash function used, or provide an indicator. (BZ#2177435) * Need to update FIPS review comments into NSS RHEL-9. (BZ#2177876) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. 
Solution: For details on how to apply this update, which includes the changes described in this advisory, referto: https://access.redhat.com/articles/11258 After installing this update, applications using NSS (for example, Firefox) must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 2170377 - CVE-2023-0767 nss: Arbitrary memory write via PKCS 12 2177435 - In FIPS mode, nss should reject RSASSA-PSS salt lengths larger than the output size of the hash function used, or provide an indicator [rhel-9.0.0.z] 2177876 - Need to update FIPS review comments into NSS RHEL-9 [rhel-9.0.0.z] 6. Package List: Red Hat Enterprise Linux AppStream EUS(v.9.0): Source: nss-3.79.0-17.el9_0.src.rpm aarch64: nspr-4.34.0-17.el9_0.aarch64.rpm nspr-debuginfo-4.34.0-17.el9_0.aarch64.rpm nspr-devel-4.34.0-17.el9_0.aarch64.rpm nss-3.79.0-17.el9_0.aarch64.rpm nss-debuginfo-3.79.0-17.el9_0.aarch64.rpm nss-debugsource-3.79.0-17.el9_0.aarch64.rpm nss-devel-3.79.0-17.el9_0.aarch64.rpm nss-softokn-3.79.0-17.el9_0.aarch64.rpm nss-softokn-debuginfo-3.79.0-17.el9_0.aarch64.rpm nss-softokn-devel-3.79.0-17.el9_0.aarch64.rpm nss-softokn-freebl-3.79.0-17.el9_0.aarch64.rpm nss-softokn-freebl-debuginfo-3.79.0-17.el9_0.aarch64.rpm nss-softokn-freebl-devel-3.79.0-17.el9_0.aarch64.rpm nss-sysinit-3.79.0-17.el9_0.aarch64.rpm nss-sysinit-debuginfo-3.79.0-17.el9_0.aarch64.rpm nss-tools-3.79.0-17.el9_0.aarch64.rpm nss-tools-debuginfo-3.79.0-17.el9_0.aarch64.rpm nss-util-3.79.0-17.el9_0.aarch64.rpm nss-util-debuginfo-3.79.0-17.el9_0.aarch64.rpm nss-util-devel-3.79.0-17.el9_0.aarch64.rpm ppc64le: nspr-4.34.0-17.el9_0.ppc64le.rpm nspr-debuginfo-4.34.0-17.el9_0.ppc64le.rpm nspr-devel-4.34.0-17.el9_0.ppc64le.rpm nss-3.79.0-17.el9_0.ppc64le.rpm nss-debuginfo-3.79.0-17.el9_0.ppc64le.rpm nss-debugsource-3.79.0-17.el9_0.ppc64le.rpm nss-devel-3.79.0-17.el9_0.ppc64le.rpm nss-softokn-3.79.0-17.el9_0.ppc64le.rpm nss-softokn-debuginfo-3.79.0-17.el9_0.ppc64le.rpm 
nss-softokn-devel-3.79.0-17.el9_0.ppc64le.rpm nss-softokn-freebl-3.79.0-17.el9_0.ppc64le.rpm nss-softokn-freebl-debuginfo-3.79.0-17.el9_0.ppc64le.rpm nss-softokn-freebl-devel-3.79.0-17.el9_0.ppc64le.rpm nss-sysinit-3.79.0-17.el9_0.ppc64le.rpm nss-sysinit-debuginfo-3.79.0-17.el9_0.ppc64le.rpm nss-tools-3.79.0-17.el9_0.ppc64le.rpm nss-tools-debuginfo-3.79.0-17.el9_0.ppc64le.rpm nss-util-3.79.0-17.el9_0.ppc64le.rpm nss-util-debuginfo-3.79.0-17.el9_0.ppc64le.rpm nss-util-devel-3.79.0-17.el9_0.ppc64le.rpm s390x: nspr-4.34.0-17.el9_0.s390x.rpm nspr-debuginfo-4.34.0-17.el9_0.s390x.rpm nspr-devel-4.34.0-17.el9_0.s390x.rpm nss-3.79.0-17.el9_0.s390x.rpm nss-debuginfo-3.79.0-17.el9_0.s390x.rpm nss-debugsource-3.79.0-17.el9_0.s390x.rpm nss-devel-3.79.0-17.el9_0.s390x.rpm nss-softokn-3.79.0-17.el9_0.s390x.rpm nss-softokn-debuginfo-3.79.0-17.el9_0.s390x.rpm nss-softokn-devel-3.79.0-17.el9_0.s390x.rpm nss-softokn-freebl-3.79.0-17.el9_0.s390x.rpm nss-softokn-freebl-debuginfo-3.79.0-17.el9_0.s390x.rpm nss-softokn-freebl-devel-3.79.0-17.el9_0.s390x.rpm nss-sysinit-3.79.0-17.el9_0.s390x.rpm nss-sysinit-debuginfo-3.79.0-17.el9_0.s390x.rpm nss-tools-3.79.0-17.el9_0.s390x.rpm nss-tools-debuginfo-3.79.0-17.el9_0.s390x.rpm nss-util-3.79.0-17.el9_0.s390x.rpm nss-util-debuginfo-3.79.0-17.el9_0.s390x.rpm nss-util-devel-3.79.0-17.el9_0.s390x.rpm x86_64: nspr-4.34.0-17.el9_0.i686.rpm nspr-4.34.0-17.el9_0.x86_64.rpm nspr-debuginfo-4.34.0-17.el9_0.i686.rpm nspr-debuginfo-4.34.0-17.el9_0.x86_64.rpm nspr-devel-4.34.0-17.el9_0.i686.rpm nspr-devel-4.34.0-17.el9_0.x86_64.rpm nss-3.79.0-17.el9_0.i686.rpm nss-3.79.0-17.el9_0.x86_64.rpm nss-debuginfo-3.79.0-17.el9_0.i686.rpm nss-debuginfo-3.79.0-17.el9_0.x86_64.rpm nss-debugsource-3.79.0-17.el9_0.i686.rpm nss-debugsource-3.79.0-17.el9_0.x86_64.rpm nss-devel-3.79.0-17.el9_0.i686.rpm nss-devel-3.79.0-17.el9_0.x86_64.rpm nss-softokn-3.79.0-17.el9_0.i686.rpm nss-softokn-3.79.0-17.el9_0.x86_64.rpm nss-softokn-debuginfo-3.79.0-17.el9_0.i686.rpm 
nss-softokn-debuginfo-3.79.0-17.el9_0.x86_64.rpm nss-softokn-devel-3.79.0-17.el9_0.i686.rpm nss-softokn-devel-3.79.0-17.el9_0.x86_64.rpm nss-softokn-freebl-3.79.0-17.el9_0.i686.rpm nss-softokn-freebl-3.79.0-17.el9_0.x86_64.rpm nss-softokn-freebl-debuginfo-3.79.0-17.el9_0.i686.rpm nss-softokn-freebl-debuginfo-3.79.0-17.el9_0.x86_64.rpm nss-softokn-freebl-devel-3.79.0-17.el9_0.i686.rpm nss-softokn-freebl-devel-3.79.0-17.el9_0.x86_64.rpm nss-sysinit-3.79.0-17.el9_0.x86_64.rpm nss-sysinit-debuginfo-3.79.0-17.el9_0.i686.rpm nss-sysinit-debuginfo-3.79.0-17.el9_0.x86_64.rpm nss-tools-3.79.0-17.el9_0.x86_64.rpm nss-tools-debuginfo-3.79.0-17.el9_0.i686.rpm nss-tools-debuginfo-3.79.0-17.el9_0.x86_64.rpm nss-util-3.79.0-17.el9_0.i686.rpm nss-util-3.79.0-17.el9_0.x86_64.rpm nss-util-debuginfo-3.79.0-17.el9_0.i686.rpm nss-util-debuginfo-3.79.0-17.el9_0.x86_64.rpm nss-util-devel-3.79.0-17.el9_0.i686.rpm nss-util-devel-3.79.0-17.el9_0.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2023-0767 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. 
A significant patch for OpenSSL has been released for CentOS, featuring essential improvements and enhanced compliance with security standards. Red Hat, NSS Update, Critical Patch, FIPS Compliance. Severity: Important. LinuxSecurity.com Team

Mar 23, 2023 Important Red Hat

SUSE: 2022:2252-1 Important: liblouis Memory Write Issue

An update that solves two vulnerabilities and has one errata is now available. . SUSE Security Update: Security update for liblouis ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:2252-1 Rating: important References: #1130813 #1197085 #1200120 Cross-References: CVE-2022-26981 CVE-2022-31783 CVSS scores: CVE-2022-26981 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2022-26981 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H CVE-2022-31783 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2022-31783 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H Affected Products: SUSE CaaS Platform 4.0 SUSE Enterprise Storage 6 SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server 15-SP1-BCL SUSE Linux Enterprise Server 15-SP1-LTSS SUSE Linux Enterprise Server for SAP 15 SUSE Linux Enterprise Server for SAP 15-SP1 openSUSE Leap 15.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: This update for liblouis fixes the following issues: - CVE-2022-26981: fix buffer overrun in compilePassOpcode (bsc#1197085). - CVE-2022-31783: prevent an invalid memory write in compileRule (bsc#1200120). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-2252=1 - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-2252=1 - SUSE Linux Enterprise Server for SAP 15-SP1: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-2252=1 - SUSE Linux Enterprise Server for SAP 15: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-2252=1 - SUSE Linux Enterprise Server 15-SP1-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-2252=1 - SUSE Linux Enterprise Server 15-SP1-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-2252=1 - SUSE Linux Enterprise Server 15-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-2022-2252=1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-2252=1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-2252=1 - SUSE Linux Enterprise High Performance Computing 15-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-2022-2252=1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-2022-2252=1 - SUSE Enterprise Storage 6: zypper in -t patch SUSE-Storage-6-2022-2252=1 - SUSE CaaS Platform 4.0: To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. 
Package List: - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 - SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64): liblouis-data-3.3.0-150000.4.8.1 liblouis-debuginfo-3.3.0-150000.4.8.1 liblouis-debugsource-3.3.0-150000.4.8.1 liblouis-devel-3.3.0-150000.4.8.1 liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 python3-louis-3.3.0-150000.4.8.1 - SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64): liblouis-data-3.3.0-150000.4.8.1 liblouis-debuginfo-3.3.0-150000.4.8.1 liblouis-debugsource-3.3.0-150000.4.8.1 liblouis-devel-3.3.0-150000.4.8.1 liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 python3-louis-3.3.0-150000.4.8.1 - SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64): liblouis-data-3.3.0-150000.4.8.1 liblouis-debuginfo-3.3.0-150000.4.8.1 liblouis-debugsource-3.3.0-150000.4.8.1 liblouis-devel-3.3.0-150000.4.8.1 liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 python3-louis-3.3.0-150000.4.8.1 - SUSE Linux Enterprise Server 15-SP1-BCL (x86_64): liblouis-data-3.3.0-150000.4.8.1 liblouis-debuginfo-3.3.0-150000.4.8.1 liblouis-debugsource-3.3.0-150000.4.8.1 liblouis-devel-3.3.0-150000.4.8.1 liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 python3-louis-3.3.0-150000.4.8.1 - SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x): liblouis-data-3.3.0-150000.4.8.1 liblouis-debuginfo-3.3.0-150000.4.8.1 liblouis-debugsource-3.3.0-150000.4.8.1 liblouis-devel-3.3.0-150000.4.8.1 liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 python3-louis-3.3.0-150000.4.8.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64): liblouis-data-3.3.0-150000.4.8.1 liblouis-debuginfo-3.3.0-150000.4.8.1 liblouis-debugsource-3.3.0-150000.4.8.1 
liblouis-devel-3.3.0-150000.4.8.1 liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 python3-louis-3.3.0-150000.4.8.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64): liblouis-data-3.3.0-150000.4.8.1 liblouis-debuginfo-3.3.0-150000.4.8.1 liblouis-debugsource-3.3.0-150000.4.8.1 liblouis-devel-3.3.0-150000.4.8.1 liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 python3-louis-3.3.0-150000.4.8.1 - SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64): liblouis-data-3.3.0-150000.4.8.1 liblouis-debuginfo-3.3.0-150000.4.8.1 liblouis-debugsource-3.3.0-150000.4.8.1 liblouis-devel-3.3.0-150000.4.8.1 liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 python3-louis-3.3.0-150000.4.8.1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64): liblouis-data-3.3.0-150000.4.8.1 liblouis-debuginfo-3.3.0-150000.4.8.1 liblouis-debugsource-3.3.0-150000.4.8.1 liblouis-devel-3.3.0-150000.4.8.1 liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 python3-louis-3.3.0-150000.4.8.1 - SUSE Enterprise Storage 6 (aarch64 x86_64): liblouis-data-3.3.0-150000.4.8.1 liblouis-debuginfo-3.3.0-150000.4.8.1 liblouis-debugsource-3.3.0-150000.4.8.1 liblouis-devel-3.3.0-150000.4.8.1 liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 python3-louis-3.3.0-150000.4.8.1 - SUSE CaaS Platform 4.0 (x86_64): liblouis-data-3.3.0-150000.4.8.1 liblouis-debuginfo-3.3.0-150000.4.8.1 liblouis-debugsource-3.3.0-150000.4.8.1 liblouis-devel-3.3.0-150000.4.8.1 liblouis14-3.3.0-150000.4.8.1 liblouis14-debuginfo-3.3.0-150000.4.8.1 python3-louis-3.3.0-150000.4.8.1 References: https://www.suse.com/security/cve/CVE-2022-26981.html https://www.suse.com/security/cve/CVE-2022-31783.html https://bugzilla.suse.com/1130813 https://bugzilla.suse.com/1197085 https://bugzilla.suse.com/1200120 . Important security patch for liblouis addressing two severe vulnerabilities. 
Apply suggested updates for Ubuntu versions.. SUSE Liblouis Patch, Buffer Overrun Resolution, Memory Write Update. . Severity: Important. LinuxSecurity.com Team

Jul 04, 2022 Important SuSE

Mageia 8: 2022-0177 Moderate: Libxml2 Out-Of-Bounds Memory Write

In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. . MGASA-2022-0177 - Updated libxml2 packages fix security vulnerability Publication date: 12 May 2022 URL: https://advisories.mageia.org/MGASA-2022-0177.html Type: security Affected Mageia releases: 8 CVE: CVE-2022-29824 In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. (CVE-2022-29824) References: - https://bugs.mageia.org/show_bug.cgi?id=30394 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/FZOBT5Y6Y2QLDDX2HZGMV7MJMWGXORKK/ - https://www.cve.org/CVERecord?id=CVE-2022-29824 SRPMS: - 8/core/libxml2-2.9.10-7.4.mga8 . Mageia 2023-0198 updates openssl to fix a severe security flaw related to improper input validation found in previous releases.. Mageia Security Update, Libxml2 Buffer Overflow, Memory Handling Issue. . LinuxSecurity.com Team

May 12, 2022 Mageia