Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 0 articles for you...
89
security advisorydenial of servicefedoraFedora 43 CImg Update Fixes CVE Denial Of Service 2026-86596f9cbc
bump version + fix two cves. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-86596f9cbc 2026-05-29 01:26:24.644217+00:00 -------------------------------------------------------------------------------- Name : CImg Product : Fedora 43 Version : 3.7.6 Release : 2.fc43 URL : https://github.com/dtschump/CImg Summary : C++ Template Image Processing Toolkit Description : The CImg Library is an open-source C++ toolkit for image processing. It consists in a single header file 'CImg.h' providing a minimal set of C++ classes and methods that can be used in your own sources, to load/save, process and display images. Very portable, efficient and easy to use, it's a pleasant library for developping image processing algorithms in C++. -------------------------------------------------------------------------------- Update Information: bump version + fix two cves -------------------------------------------------------------------------------- ChangeLog: * Sat May 16 2026 josef radinger - 1:3.7.6-2 - rebuild for new gmic-buildoverride * Fri May 15 2026 josef radinger - 1:3.7.6-1 - bump version * Tue May 5 2026 josef radinger - 1:3.7.5-1 - bump version * Fri Feb 20 2026 josef radinger - 1:3.7.4-1 - bump version * Wed Feb 18 2026 josef radinger - 1:3.7.3-1 - bump version * Fri Feb 13 2026 josef radinger - 1:3.7.2-1 - bump version * Fri Feb 13 2026 josef radinger - 1:3.7.0-1 - bump version * Fri Jan 16 2026 Fedora Release Engineering - 1:3.6.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Jan 16 2026 Fedora Release Engineering - 1:3.6.6-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Sat Jan 3 2026 josef radinger - 1:3.6.6-1 - bump version - remove now unneeded patches * Thu Dec 18 2025 josef radinger - 1:3.6.5-2 - bump version - add patchhttps://github.com/GreycLab/CImg/commit/94f00eb0302a9db7aa8ea4034fb48a8a4dbbbb8e.patch and https://github.com/GreycLab/CImg/commit/50674b2dcfe004673f629bbb37bc9c960f2ae614.patch (modified) to fix compile error for i686 https://github.com/GreycLab/CImg/issues/471 * Mon Nov 24 2025 josef radinger - 1:3.6.4-1 - bump version * Thu Nov 20 2025 josef radinger - 1:3.6.3-1 - bump version -------------------------------------------------------------------------------- References: [ 1 ] Bug #2464129 - gmic-3.7.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=2464129 [ 2 ] Bug #2467995 - CVE-2026-42146 CImg: CImg Library: Denial of Service via crafted BMP file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2467995 [ 3 ] Bug #2476569 - CVE-2026-42144 CImg: integer overflow in PNM size check bypasses memory guard (_load_pnm) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2476569 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-86596f9cbc' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
May 29, 2026
•Important
Fedora
89
security advisorydenial of serviceFedoraFedora 39: FEDORA-2024-40ee18b2e7 Moderate: librsvg2 Denial of Service
This update contains builds from a mini-mass-rebuild for Rust applications (and some C-style libraries). Rebuilding with the Rust 1.78 toolchain should fix incomplete debug information for the Rust standard library (and the resulting low-quality stack traces). Additionally, builds will have picked up fixes for some minor low-priority. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-40ee18b2e7 2024-06-02 03:36:56.060441 -------------------------------------------------------------------------------- Name : librsvg2 Product : Fedora 39 Version : 2.57.1 Release : 2.fc39 URL : https://wiki.gnome.org/Projects/LibRsvg Summary : An SVG library based on cairo Description : An SVG library based on cairo. -------------------------------------------------------------------------------- Update Information: This update contains builds from a mini-mass-rebuild for Rust applications (and some C-style libraries). Rebuilding with the Rust 1.78 toolchain should fix incomplete debug information for the Rust standard library (and the resulting low-quality stack traces). Additionally, builds will have picked up fixes for some minor low-priority security and / or safety fixes in crate dependencies that had not yet been handled via a separate (targeted) rebuild: h2 v0.3.26+ (denial-of-service): https://rustsec.org/advisories/RUSTSEC-2024-0332.html glib v0.19.4+ and backports (UB): core/pull/1343 hashbrown v0.14.5+ (UB): https://github.com/rust-lang/hashbrown/pull/511 rustls v0.22.4+, v0.21.11+ (denial-of-service): https://rustsec.org/advisories/RUSTSEC-2024-0336.html -------------------------------------------------------------------------------- ChangeLog: * Fri May 24 2024 Fabio Valentini - 2.57.1-2 - Rebuild with Rust 1.78 to fix incomplete debuginfo and backtraces -------------------------------------------------------------------------------- This update can be installed with the"dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-40ee18b2e7' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Jun 02, 2024
Fedora
89
security advisorysecurity issueFedoraFedora: FEDORA-2017-dbec196dd8 Minor OpenSSL Security Update
Minor security update release 1.1.0g.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-dbec196dd8 2017-11-28 15:34:11.147889 --------------------------------------------------------------------------------Name : openssl Product : Fedora 26 Version : 1.1.0g Release : 1.fc26 URL : https://www.openssl.org:443/ Summary : Utilities from the general purpose cryptography library with TLS implementation Description : The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols. --------------------------------------------------------------------------------Update Information: Minor security update release 1.1.0g. --------------------------------------------------------------------------------References: [ 1 ] Bug #1486146 - CVE-2017-3735 CVE-2017-3736 openssl: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1486146 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade openssl' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Nov 28, 2017
•Important
Fedora
89
security advisoryFedorathreatFedora 27: libgcrypt Update Notification for Minor Security Fix
Minor security update. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-a9c79eed83 2017-09-30 05:57:53.216307 --------------------------------------------------------------------------------Name : libgcrypt Product : Fedora 27 Version : 1.8.1 Release : 1.fc27 URL : http://www.gnupg.org/ Summary : A general-purpose cryptography library Description : Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version. --------------------------------------------------------------------------------Update Information: Minor security update --------------------------------------------------------------------------------References: [ 1 ] Bug #1485922 - CVE-2017-0379 libgcrypt: Missing input validation for X25519 curve [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1485922 [ 2 ] Bug #1472512 - libgcrypt-1.8.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=1472512 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade libgcrypt' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Sep 30, 2017
•Important
Fedora
89
security advisoryFedoraremote DoSFedora 11: FEDORA-2009-4394 Critical Remote DoS Fix for ipsec-tools
Minor version update from upstream fixing remote DoS.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2009-4394 2009-05-08 20:18:25 -------------------------------------------------------------------------------- Name : ipsec-tools Product : Fedora 11 Version : 0.7.2 Release : 1.fc11 URL : Summary : Tools for configuring and using IPSEC Description : This is the IPsec-Tools package. You need this package in order to really use the IPsec functionality in the linux-2.5+ kernels. This package builds: - setkey, a program to directly manipulate policies and SAs - racoon, an IKEv1 keying daemon -------------------------------------------------------------------------------- Update Information: Minor version update from upstream fixing remote DoS. -------------------------------------------------------------------------------- ChangeLog: * Tue May 5 2009 Tomas Mraz - 0.7.2-1 - Update to a new upstream version -------------------------------------------------------------------------------- References: [ 1 ] Bug #497990 - ipsec-tools: racoon NULL dereference in fragmentation code https://bugzilla.redhat.com/show_bug.cgi?id=497990 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update ipsec-tools' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list
May 18, 2009
•Critical
Fedora
99
security advisorySlackwaretimezone fixSlackware: 2007-283-01 Minor Update: glibc-zoneinfo Time Zone Issue
New glibc-zoneinfo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, and 12.0 to update the timezone tables to the latest versions. If you've noticed your clock has wandered off, these packages should fix the problem. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] glibc-zoneinfo (SSA:2007-283-01) New glibc-zoneinfo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, and 12.0 to update the timezone tables to the latest versions. If you've noticed your clock has wandered off, these packages should fix the problem. This isn't really a "security issue" (or is a minor one), but it's an important fix nevertheless. Here are the details from the Slackware 12.0 ChangeLog: +--------------------------+ patches/packages/glibc-zoneinfo-2.5-noarch-5_slack12.0.tgz: Upgraded to timezone data from tzcode2007h and tzdata2007h. This contains the latest timezone data from NIST, including some important changes to daylight savings time in Brasil and New Zealand. +--------------------------+ Where to find the new packages: +-----------------------------+ HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading directly from ftp.slackware.com. Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you. Updated package for Slackware 8.1: Updated package for Slackware 9.0: Updated package for Slackware 9.1: Updated package for Slackware 10.0: Updated package for Slackware 10.1: Updated package for Slackware 10.2: Updated package for Slackware 11.0: Updated package for Slackware 12.0: MD5 signatures: +-------------+ Slackware 8.1 package: f523b5d2fcc4dc5131bd34a669318866 glibc-zoneinfo-2.2.5-i386-4_slack8.1.tgz Slackware 9.0 package: f523b5d2fcc4dc5131bd34a669318866 glibc-zoneinfo-2.3.1-noarch-6_slack9.0.tgz Slackware 9.1 package: f523b5d2fcc4dc5131bd34a669318866 glibc-zoneinfo-2.3.2-noarch-3_slack9.1.tgz Slackware 10.0 package: f523b5d2fcc4dc5131bd34a669318866 glibc-zoneinfo-2.3.2-noarch-8_slack10.0.tgz Slackware 10.1 package: f523b5d2fcc4dc5131bd34a669318866 glibc-zoneinfo-2.3.4-noarch-3_slack10.1.tgz Slackware 10.2 package: f523b5d2fcc4dc5131bd34a669318866 glibc-zoneinfo-2.3.5-noarch-8_slack10.2.tgz Slackware 11.0 package: f523b5d2fcc4dc5131bd34a669318866 glibc-zoneinfo-2.3.6-noarch-8_slack11.0.tgz Slackware 12.0 package: f523b5d2fcc4dc5131bd34a669318866 glibc-zoneinfo-2.5-noarch-5_slack12.0.tgz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg glibc-zoneinfo-2.5-noarch-5_slack12.0.tgz +-----+ . Updated tzdata packages for Debian address timezone discrepancies from releases 4.0 to 9.0, resolving time-related errors.. glibc-zoneinfo, Slackware Update, Timezone Patch. . Severity: Important. LinuxSecurity.com Team
Oct 10, 2007
•Important
Slackware
89
security advisoryFedoraOpenSSHFedora Core 4 OpenSSH 4.2p1-fc4.10 Moderate Shell Expansion Issue
This is a minor security update which fixes double shell expansion in local to local and remote to remote copy with scp. It also fixes a few other minor non-security issues.. ---------------------------------------------------------------------Fedora Update Notification FEDORA-2006-056 2006-01-23 ---------------------------------------------------------------------Product : Fedora Core 4 Name : openssh Version : 4.2p1 Release : fc4.10 Summary : The OpenSSH implementation of SSH protocol versions 1 and 2. Description : SSH (Secure SHell) is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. OpenSSH is OpenBSD's version of the last free version of SSH, bringing it up to date in terms of security and features, as well as removing all patented algorithms to separate libraries. This package includes the core files necessary for both the OpenSSH client and server. To make this package useful, you should also install openssh-clients, openssh-server, or both. ---------------------------------------------------------------------Update Information: This is a minor security update which fixes double shell expansion in local to local and remote to remote copy with scp. It also fixes a few other minor non-security issues. ---------------------------------------------------------------------* Mon Jan 23 2006 Tomas Mraz 4.2p1-fc4.10 - upstream patch for regression in X11 forwarding (#168703) - _GNU_SOURCE should be used instead of __USE_GNU - use fork+exec instead of system in scp - CVE-2006-0225 (#168167) - upstream patch for displaying authentication errors - install ssh-copy-id from contrib(#88707) ---------------------------------------------------------------------This update can be downloaded from: 994fee18b120794ffe1ff86ad7bf131ee8b88ccf SRPMS/openssh-4.2p1-fc4.10.src.rpm 6bcc9cd98830e18b0159564176fa009c46b80856 ppc/openssh-4.2p1-fc4.10.ppc.rpm d40dba0afd9822437ed7a5a696ee3daa279411ec ppc/openssh-clients-4.2p1-fc4.10.ppc.rpm c94bb942d7792b9afa900dd0287949e04ca32b28 ppc/openssh-server-4.2p1-fc4.10.ppc.rpm 05e7f1c5319ff9570a9e845f8c700fe90c7c31b5 ppc/openssh-askpass-4.2p1-fc4.10.ppc.rpm b6e551070bbee67f7fd946911c97178626d3da65 ppc/openssh-askpass-gnome-4.2p1-fc4.10.ppc.rpm f480a6976ff55113f91feab46595e6d635261e2c ppc/debug/openssh-debuginfo-4.2p1-fc4.10.ppc.rpm 0165741a413a34444d01b258438277bbd9bddf2d x86_64/openssh-4.2p1-fc4.10.x86_64.rpm 2cf77f379b5c23d79aae51dc9c6b1d57d0f09c26 x86_64/openssh-clients-4.2p1-fc4.10.x86_64.rpm 552067e9c66d6a9ad7948456f647639f80c5a704 x86_64/openssh-server-4.2p1-fc4.10.x86_64.rpm e9ff3b7547b24c008e971ebab33a0c6129337388 x86_64/openssh-askpass-4.2p1-fc4.10.x86_64.rpm 02ca70440cdbc3a0d120c33f86e6a478e8a8dca6 x86_64/openssh-askpass-gnome-4.2p1-fc4.10.x86_64.rpm 5bc5c6c6f70beea25bfadc187468b2bf5c1d4559 x86_64/debug/openssh-debuginfo-4.2p1-fc4.10.x86_64.rpm 5f807379bdf5b01a2832c7098bebead38dd1d9e7 i386/openssh-4.2p1-fc4.10.i386.rpm 381e4cec46f4e8f52ef025ecc12f3550fd9047f8 i386/openssh-clients-4.2p1-fc4.10.i386.rpm c829cdaecc4e1717602b71f5801446048605d0e3 i386/openssh-server-4.2p1-fc4.10.i386.rpm 27da09faab909fa05fe25d4f7193e85a19d11f57 i386/openssh-askpass-4.2p1-fc4.10.i386.rpm f5ae2f000b0b6daa7f8f630a5ca21de6bb296459 i386/openssh-askpass-gnome-4.2p1-fc4.10.i386.rpm 118203388385081425531090a807e71116eaae88 i386/debug/openssh-debuginfo-4.2p1-fc4.10.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at . ----------------------------------------------------------------------- fedora-announce-list mailing list
Jan 27, 2006
•Important
Fedora
89
security advisorysoftware enhancementkdelibsFedora Core 6: FEDORA-2006-1234 Update: kdelibs 3.5.0 Upgrade
KDE 3.4.2 update. ---------------------------------------------------------------------Fedora Update Notification FEDORA-2005-675 2005-07-29 ---------------------------------------------------------------------Product : Fedora Core 4 Name : kdelibs Version : 3.4.2 Release : 0.fc4.1 Summary : K Desktop Environment - Libraries Description : Libraries for the K Desktop Environment. KDE Libraries include: kdecore (KDE core library), kdeui (user interface), kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking), kspell (spelling checker), jscript (javascript), kab (addressbook), kimgio (image manipulation). ---------------------------------------------------------------------Update Information: KDE 3.4.2 update ---------------------------------------------------------------------* Tue Jul 26 2005 Than Ngo 6:3.4.2-0.fc4.1 - update to 3.4.2 ---------------------------------------------------------------------This update can be downloaded from: 5c63bc29066bd908fac5c1a05d13283f SRPMS/kdelibs-3.4.2-0.fc4.1.src.rpm 1a8b6d3bb202a87386770b675a68f46e ppc/kdelibs-3.4.2-0.fc4.1.ppc.rpm c5bb72aa9d26ff1dcfbffe3eff3b3aa4 ppc/kdelibs-devel-3.4.2-0.fc4.1.ppc.rpm 4ae1c1513208475967f0a95497cb8af8 ppc/debug/kdelibs-debuginfo-3.4.2-0.fc4.1.ppc.rpm 3d442ac2b3a3338b27f0efd5b0915ec0 ppc/kdelibs-3.4.2-0.fc4.1.ppc64.rpm 37a83e7f99b7578830d78b2407fc7362 x86_64/kdelibs-3.4.2-0.fc4.1.x86_64.rpm edac98e4b390c9a19a9a800647253c02 x86_64/kdelibs-devel-3.4.2-0.fc4.1.x86_64.rpm 57529177db5327cb3d8e3c4746e8a58d x86_64/debug/kdelibs-debuginfo-3.4.2-0.fc4.1.x86_64.rpm 63f090cbf9f5cd82d45592216d3a1334 x86_64/kdelibs-3.4.2-0.fc4.1.i386.rpm 63f090cbf9f5cd82d45592216d3a1334 i386/kdelibs-3.4.2-0.fc4.1.i386.rpm 6911f6903492ac75a24264890795feee i386/kdelibs-devel-3.4.2-0.fc4.1.i386.rpm d7c8d77f849a591e9bd987ca5807ffcc i386/debug/kdelibs-debuginfo-3.4.2-0.fc4.1.i386.rpm This update can also be installed with theUpdate Agent; you can launch the Update Agent with the 'up2date' command. -----------------------------------------------------------------------fedora-announce-list mailing list
Jul 29, 2005
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!