
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Red Hat Enterprise Linux 7: RHSA-2016:0706-01 Update on Mercurial Security

=====================================================================
Red Hat Security Advisory

Synopsis:      Important: mercurial security update
Advisory ID:   RHSA-2016:0706-01
Product:       Red Hat Enterprise Linux
Advisory URL:  https://access.redhat.com/errata/RHSA-2016:0706.html
Issue date:    2016-05-02
CVE Names:     CVE-2016-3068 CVE-2016-3069
=====================================================================

1. Summary:

An update for mercurial is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

Mercurial is a fast, lightweight source control management system designed for efficient handling of very large distributed projects.

Security Fix(es):

* It was discovered that Mercurial failed to properly check Git sub-repository URLs. A Mercurial repository that includes a Git sub-repository with a specially crafted URL could cause Mercurial to execute arbitrary code. (CVE-2016-3068)

* It was discovered that the Mercurial convert extension failed to sanitize special characters in Git repository names. A Git repository with a specially crafted name could cause Mercurial to execute arbitrary code when the Git repository was converted to a Mercurial repository. (CVE-2016-3069)

Red Hat would like to thank Blake Burkhart for reporting these issues.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1319768 - CVE-2016-3068 mercurial: command injection via git subrepository urls
1320155 - CVE-2016-3069 mercurial: convert extension command injection via git repository names

6. Package List:

Red Hat Enterprise Linux Client Optional (v. 7):

Source:
mercurial-2.6.2-6.el7_2.src.rpm

x86_64:
emacs-mercurial-2.6.2-6.el7_2.x86_64.rpm
emacs-mercurial-el-2.6.2-6.el7_2.x86_64.rpm
mercurial-2.6.2-6.el7_2.x86_64.rpm
mercurial-debuginfo-2.6.2-6.el7_2.x86_64.rpm
mercurial-hgk-2.6.2-6.el7_2.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

Source:
mercurial-2.6.2-6.el7_2.src.rpm

x86_64:
emacs-mercurial-2.6.2-6.el7_2.x86_64.rpm
emacs-mercurial-el-2.6.2-6.el7_2.x86_64.rpm
mercurial-2.6.2-6.el7_2.x86_64.rpm
mercurial-debuginfo-2.6.2-6.el7_2.x86_64.rpm
mercurial-hgk-2.6.2-6.el7_2.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
mercurial-2.6.2-6.el7_2.src.rpm

ppc64:
mercurial-2.6.2-6.el7_2.ppc64.rpm
mercurial-debuginfo-2.6.2-6.el7_2.ppc64.rpm

ppc64le:
mercurial-2.6.2-6.el7_2.ppc64le.rpm
mercurial-debuginfo-2.6.2-6.el7_2.ppc64le.rpm

s390x:
mercurial-2.6.2-6.el7_2.s390x.rpm
mercurial-debuginfo-2.6.2-6.el7_2.s390x.rpm

x86_64:
mercurial-2.6.2-6.el7_2.x86_64.rpm
mercurial-debuginfo-2.6.2-6.el7_2.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
emacs-mercurial-2.6.2-6.el7_2.ppc64.rpm
emacs-mercurial-el-2.6.2-6.el7_2.ppc64.rpm
mercurial-debuginfo-2.6.2-6.el7_2.ppc64.rpm
mercurial-hgk-2.6.2-6.el7_2.ppc64.rpm

ppc64le:
emacs-mercurial-2.6.2-6.el7_2.ppc64le.rpm
emacs-mercurial-el-2.6.2-6.el7_2.ppc64le.rpm
mercurial-debuginfo-2.6.2-6.el7_2.ppc64le.rpm
mercurial-hgk-2.6.2-6.el7_2.ppc64le.rpm

s390x:
emacs-mercurial-2.6.2-6.el7_2.s390x.rpm
emacs-mercurial-el-2.6.2-6.el7_2.s390x.rpm
mercurial-debuginfo-2.6.2-6.el7_2.s390x.rpm
mercurial-hgk-2.6.2-6.el7_2.s390x.rpm

x86_64:
emacs-mercurial-2.6.2-6.el7_2.x86_64.rpm
emacs-mercurial-el-2.6.2-6.el7_2.x86_64.rpm
mercurial-debuginfo-2.6.2-6.el7_2.x86_64.rpm
mercurial-hgk-2.6.2-6.el7_2.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
mercurial-2.6.2-6.el7_2.src.rpm

x86_64:
mercurial-2.6.2-6.el7_2.x86_64.rpm
mercurial-debuginfo-2.6.2-6.el7_2.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
emacs-mercurial-2.6.2-6.el7_2.x86_64.rpm
emacs-mercurial-el-2.6.2-6.el7_2.x86_64.rpm
mercurial-debuginfo-2.6.2-6.el7_2.x86_64.rpm
mercurial-hgk-2.6.2-6.el7_2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-3068
https://access.redhat.com/security/cve/CVE-2016-3069
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2016 Red Hat, Inc.

--
Enterprise-watch-list mailing list

The latest update for Red Hat Enterprise Linux 7 resolves mercurial security vulnerabilities, minimizing code execution risks.

Red Hat Enterprise Linux, Mercurial Security Update, Command Injection Risks.

Severity: Important. LinuxSecurity.com Team

May 02, 2016 Important Red Hat

Slackware 14.1 SSA: 2016-092-01 Critical: Mercurial Code Issues

[slackware-security] mercurial (SSA:2016-092-01)

New mercurial packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/mercurial-3.7.3-i486-1_slack14.1.txz: Upgraded.
  This update fixes security issues and bugs, including remote code execution
  in binary delta decoding, arbitrary code execution with Git subrepos, and
  arbitrary code execution when converting Git repos.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2016-3630
    https://www.cve.org/CVERecord?id=CVE-2016-3068
    https://www.cve.org/CVERecord?id=CVE-2016-3069
  (* Security fix *)
+--------------------------+

Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)

Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.

Updated package for Slackware 13.0:
Updated package for Slackware x86_64 13.0:
Updated package for Slackware 13.1:
Updated package for Slackware x86_64 13.1:
Updated package for Slackware 13.37:
Updated package for Slackware x86_64 13.37:
Updated package for Slackware 14.0:
Updated package for Slackware x86_64 14.0:
Updated package for Slackware 14.1:
Updated package for Slackware x86_64 14.1:
Updated package for Slackware -current:
Updated package for Slackware x86_64 -current:

MD5 signatures:
+-------------+

Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg mercurial-3.7.3-i486-1_slack14.1.txz

Recent updates for mercurial packages have been issued for Slackware to address vulnerabilities including remote code execution risks and other security concerns across various versions.

Mercurial Update, Slackware Security, Remote Code Execution, Arbitrary Code Execution.

Severity: Critical. LinuxSecurity.com Team

Apr 01, 2016 Critical Slackware