Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -6 articles for you...
87
Ls Advisories Debian Esm H240
Price Tag 1security advisoryupdatedebian

Debian: DSA 222-2 Critical: Mhonarc Remote Vulnerability

A specially crafted HTML mail message can introduce foreign scripting content in archives, by-passing MHonArc's HTML script filtering.. -------------------------------------------------------------------------- Debian Security Advisory DSA 221-1 This email address is being protected from spambots. You need JavaScript enabled to view it. Debian -- Security Information Martin Schulze January 3rd, 2003 Debian -- Debian security FAQ -------------------------------------------------------------------------- Package : mhonarc Vulnerability : cross site scripting Problem-Type : remote Debian-specific: no CVE Id : CAN-2002-1388 Earl Hood, author of mhonarc, a mail to HTML converter, discovered a cross site scripting vulnerability in this package. A specially crafted HTML mail message can introduce foreign scripting content in archives, by-passing MHonArc's HTML script filtering. For the current stable distribution (woody) this problem has been fixed in version 2.5.2-1.3. For the old stable distribution (potato) this problem has been fixed in version 2.4.4-1.3. For the unstable distribution (sid) this problem has been fixed in version 2.5.14-1. We recommend that you upgrade your mhonarc package. wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 2.2 alias potato --------------------------------- Source archives: Size/MD5 checksum: 538 85b90e1fdef1b2bd9ef5120e15eec735 Size/MD5 checksum: 6678 c73a6548e5a580037a0bf6491785fa9d Size/MD5 checksum: 451692 17bfacfc31d185f472695b0fac5d23b9 Architecture independent components: Size/MD5 checksum: 453522 4d0b4ed0497569652dfce1544826d959 Debian GNU/Linux 3.0 alias woody -------------------------------- Source archives: Size/MD5 checksum: 560 f72534abf58b0be253929d0dfb2db8c7 Size/MD5 checksum: 5467 a4494469a18e6218c764965aa0d04e1f Size/MD5 checksum: 600942 5151b61a4dc2bd18214e9a8d47ec41df Architecture independent components: Size/MD5 checksum: 573378 c60ffdc112a2ed9cdc0a30fab9478b75 These files will probably be moved into the stable distribution on its next revision. --------------------------------------------------------------------------------- For apt-get: deb Debian -- Security Information stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. Package info: `apt-cache show ' and https://www.debian.org/distrib/packages . Debian Security Alert DSA 221-1 highlights a critical XSS flaw within mhonarc that affects the handling of HTML emails.. Debian, Mhonarc XSS, Remote Threat, Security Advisory. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jan 03, 2003 Critical Debian
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorycriticaldebian

Debian DSA-199-1 Critical: mhonarc Cross Site Script Threat

There is a cross site scripting vulnerability in mhonarc, a mail to HTML converter.. -------------------------------------------------------------------------- Debian Security Advisory DSA 199-1 This email address is being protected from spambots. You need JavaScript enabled to view it. Debian -- Security Information Martin Schulze November 19th, 2002 Debian -- Debian security FAQ -------------------------------------------------------------------------- Package : mhonarc Vulnerability : cross site scripting Problem-type : remote Debian-specific: no CVE Id : CAN-2002-1307 Steven Christey discovered a cross site scripting vulnerability in mhonarc, a mail to HTML converter. Carefully crafted message headerscan introduce cross site scripting when mhonarc is configured to display all headers lines on the web. However, it is often useful to restrict the displayed header lines to To, From and Subject, in which case the vulnerability cannot be exploited. This problem has been fixed in version 2.5.2-1.2 for the current stable distribution (woody), in version 2.4.4-1.2 for the old stable distribution (potato) and in version 2.5.13-1 for the unstable distribution (sid). We recommend that you upgrade your mhonarc package. wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 2.2 alias potato --------------------------------- Source archives: Size/MD5 checksum: 538 437de7328103a84b6916a1baaa61f477 Size/MD5 checksum: 6272 90646c64bc07c9c6c5264e2a87fb16f3 Size/MD5 checksum: 451692 17bfacfc31d185f472695b0fac5d23b9 Architecture independent components: Size/MD5 checksum: 453352 8e7f1a40ff78e0bef2d1c9593545baee Debian GNU/Linux 3.0 alias woody -------------------------------- Source archives: Size/MD5 checksum: 560 8f9fed3cf8291da812c8f286c235aecb Size/MD5 checksum: 4737 a2883f16cba2cd5e71bbfc2afa1af67b Size/MD5 checksum: 600942 5151b61a4dc2bd18214e9a8d47ec41df Architecture independent components: Size/MD5 checksum: 573016 84fe390991cf60c2ccea131a681a6288 These files will probably be moved into the stable distribution on its next revision. Survey on the use of Debian GNU/Linux 2.2 alias potato: Survey on the use of Debian 2.2 (potato) --------------------------------------------------------------------------------- For apt-get: deb Debian -- Security Information stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. Package info: `apt-cache show ' and https://www.debian.org/distrib/packages . Mhonarc has a critical cross site scripting threat. Upgrade now for security and stability in your Debian setup!. mhonarc Security, Debian Advisory, Cross Site Scripting, Security Updates, Vulnerability Fixes. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Nov 19, 2002 Critical Debian
Banner 3 1028x280 1708121785 1771599793
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydebiancross site scripting

Debian: DSA 164-1 Severe: Mhonarc Cross Site Scripting Vulnerability

When processingmaliciously crafted mails of type text/html, mhonarc, does notdeactivate all scripting parts properly.. -------------------------------------------------------------------------- Debian Security Advisory DSA 163-1 This email address is being protected from spambots. You need JavaScript enabled to view it. Debian -- Security Information Martin Schulze September 9th, 2002 Debian -- Debian security FAQ -------------------------------------------------------------------------- Package : mhonarc Vulnerability : cross site scripting Problem-Type : remote Debian-specific: no CVE Id : CAN-2002-0738 BugTraq ID : 4546 Upstream URL : Jason Molenda and Hiromitsu Takagi found ways to exploit cross site scripting bugs in mhonarc, a mail to HTML converter. When processing maliciously crafted mails of type text/html, mhonarc, does not deactivate all scripting parts properly. This is fixed in upstream version 2.5.3. If you are worried about security, it is recommended that you disable support of text/html messages in your mail archives. There is no guarantee that the mhtxthtml.pl library is robust enough to eliminate all possible exploits that can occur with HTML data. To exclude HTML data, you can use the MIMEEXCS resource. For example: text/html text/x-html The use of "text/x-html" is probably not used any more, but is good to include it, just-in-case. If you are concerend that this could block out the entire contents of some messages, then you could do the following instead: text/html; m2h_text_plain::filter; mhtxtplain.pl text/x-html; m2h_text_plain::filter; mhtxtplain.pl This treats the HTML as text/plain. The above problems have been fixed in version 2.5.2-1.1 for the current stable stable distribution (woody), in version 2.4.4-1.1 for the old stable distribution (potato) and in version 2.5.11-1 for the unstable distribution (sid). We recommend that you upgrade your mhonarc packages. wget url will fetch the file for you dpkg -i file.deb willinstall the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 2.2 alias potato -------------------------------- Source archives: Size/MD5 checksum: 538 53ba6d2d674e257704316f2d79c78f2b Size/MD5 checksum: 5951 09a4eb1ab17adda2063eb6cc8bbccf67 Size/MD5 checksum: 451692 17bfacfc31d185f472695b0fac5d23b9 Architecture independent components: Size/MD5 checksum: 453130 04d3a566858fab841acd7ece5d8ae127 Debian GNU/Linux 3.0 alias woody -------------------------------- Source archives: Size/MD5 checksum: 560 eb4744e14f378e2c64b5dfd10b675808 Size/MD5 checksum: 4070 c83dc0b1e42beac644a56632b54d26e6 Size/MD5 checksum: 600942 5151b61a4dc2bd18214e9a8d47ec41df Architecture independent components: Size/MD5 checksum: 572816 6696856ba903ea8a882cfcc48b29dec9 These files will probably be moved into the stable distribution on its next revision. --------------------------------------------------------------------------------- For apt-get: deb Debian -- Security Information stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. Package info: `apt-cache show ' and https://www.debian.org/distrib/packages . Address cross-site scripting threats in mhonarc as outlined in Debian DSA 163-1. Upgrading your system is strongly recommended to protect against possible risks.. Mhonarc Exploit, Debian Security Update, Cross Site Scripting, Security Recommendations. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 09, 2002 Critical Debian
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here