# Security update for curl

Announcement ID: SUSE-SU-2025:20029-1

Release Date: 2025-02-03T08:51:45Z

Rating: moderate

References:

* bsc#1221665
* bsc#1221666
* bsc#1221667
* bsc#1221668
* bsc#1227888
* bsc#1228535

Cross-References:

* CVE-2024-2004
* CVE-2024-2379
* CVE-2024-2398
* CVE-2024-2466
* CVE-2024-6197
* CVE-2024-7264

CVSS scores:

* CVE-2024-2004 ( SUSE ): 3.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
* CVE-2024-2004 ( NVD ): 3.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
* CVE-2024-2379 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2024-2379 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2024-2398 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-2466 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-6197 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-6197 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-7264 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
* CVE-2024-7264 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-7264 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Affected Products:

* SUSE Linux Micro 6.0

An update that solves six vulnerabilities can now be installed.

## Description:

This update for curl fixes the following issues:

Security issues fixed:

* CVE-2024-7264: ASN.1 date parser overread (bsc#1228535)
* CVE-2024-6197: Freeing stack buffer in utf8asn1str (bsc#1227888)
* CVE-2024-2379: QUIC certificate check bypass with wolfSSL (bsc#1221666)
* CVE-2024-2466: TLS certificate check bypass with mbedTLS (bsc#1221668)
* CVE-2024-2004: Usage of disabled protocol (bsc#1221665)
* CVE-2024-2398: HTTP/2 push headers memory-leak (bsc#1221667)

Non-security issue fixed:

* Fixed various TLS related issues including FTP over SSL transmission timeouts.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Micro 6.0
  `zypper in -t patch SUSE-SLE-Micro-6.0-30=1`

## Package List:

* SUSE Linux Micro 6.0 (aarch64 s390x x86_64)
  * curl-debugsource-8.6.0-3.1
  * curl-8.6.0-3.1
  * libcurl4-debuginfo-8.6.0-3.1
  * curl-debuginfo-8.6.0-3.1
  * libcurl4-8.6.0-3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-2004.html
* https://www.suse.com/security/cve/CVE-2024-2379.html
* https://www.suse.com/security/cve/CVE-2024-2398.html
* https://www.suse.com/security/cve/CVE-2024-2466.html
* https://www.suse.com/security/cve/CVE-2024-6197.html
* https://www.suse.com/security/cve/CVE-2024-7264.html
* https://bugzilla.suse.com/show_bug.cgi?id=1221665
* https://bugzilla.suse.com/show_bug.cgi?id=1221666
* https://bugzilla.suse.com/show_bug.cgi?id=1221667
* https://bugzilla.suse.com/show_bug.cgi?id=1221668
* https://bugzilla.suse.com/show_bug.cgi?id=1227888
* https://bugzilla.suse.com/show_bug.cgi?id=1228535

This post discusses a patch released for wget in Fedora Linux targeting several medium vulnerabilities. Keep your system safe!

LinuxSecurity.com Team

# MozillaThunderbird-128.10.2-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15149-1

Rating: moderate

Cross-References:

* CVE-2025-4918
* CVE-2025-4919

CVSS scores:

* CVE-2025-4918 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-4918 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-4919 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-4919 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the MozillaThunderbird-128.10.2-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
  * MozillaThunderbird 128.10.2-1.1
  * MozillaThunderbird-openpgp-librnp 128.10.2-1.1
  * MozillaThunderbird-translations-common 128.10.2-1.1
  * MozillaThunderbird-translations-other 128.10.2-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-4918.html
* https://www.suse.com/security/cve/CVE-2025-4919.html

Significant patch released for MozillaThunderbird in openSUSE Tumbleweed tackles crucial vulnerabilities and improves protection for users.

LinuxSecurity.com Team

# govulncheck-vulndb-0.0.20250515T200012-1.1 on GA media

Announcement ID: openSUSE-SU-2025:15135-1

Rating: moderate

Cross-References:

* CVE-2024-52290
* CVE-2024-8063
* CVE-2025-3757
* CVE-2025-3931
* CVE-2025-4432
* CVE-2025-46331
* CVE-2025-4658
* CVE-2025-46721
* CVE-2025-46735
* CVE-2025-46815
* CVE-2025-46816

Affected Products:

* openSUSE Tumbleweed

An update that solves 11 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the govulncheck-vulndb-0.0.20250515T200012-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
  * govulncheck-vulndb 0.0.20250515T200012-1.1

## References:

* https://www.suse.com/security/cve/CVE-2024-52290.html
* https://www.suse.com/security/cve/CVE-2024-8063.html
* https://www.suse.com/security/cve/CVE-2025-3757.html
* https://www.suse.com/security/cve/CVE-2025-3931.html
* https://www.suse.com/security/cve/CVE-2025-4432.html
* https://www.suse.com/security/cve/CVE-2025-46331.html
* https://www.suse.com/security/cve/CVE-2025-4658.html
* https://www.suse.com/security/cve/CVE-2025-46721.html
* https://www.suse.com/security/cve/CVE-2025-46735.html
* https://www.suse.com/security/cve/CVE-2025-46815.html
* https://www.suse.com/security/cve/CVE-2025-46816.html

An advisory is out for govulncheck-vulndb-0.0.20250515T200012-1.1 for openSUSE users, indicating moderate vulnerabilities needing attention for better security.

LinuxSecurity.com Team

# Security update for helm

Announcement ID: SUSE-SU-2025:1007-1

Release Date: 2025-03-25T08:44:57Z

Rating: moderate

References:

* bsc#1238688

Cross-References:

* CVE-2025-22870

CVSS scores:

* CVE-2025-22870 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-22870 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
* CVE-2025-22870 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

Affected Products:

* Containers Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for helm fixes the following issues:

* CVE-2025-22870: Fixed proxy bypass using IPv6 zone IDs (bsc#1238688).

Other fixes:

* Updated to version 3.17.2
* Updated to 0.37.0 for x/net

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
  `zypper in -t patch SUSE-SLE-Micro-5.5-2025-1007=1`
* Containers Module 15-SP6
  `zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-1007=1`
* SUSE Package Hub 15 15-SP6
  `zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2025-1007=1`
* openSUSE Leap 15.6
  `zypper in -t patch openSUSE-SLE-15.6-2025-1007=1`

## Package List:

* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
  * helm-debuginfo-3.17.2-150000.1.44.1
  * helm-3.17.2-150000.1.44.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
  * helm-bash-completion-3.17.2-150000.1.44.1
* Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * helm-debuginfo-3.17.2-150000.1.44.1
  * helm-3.17.2-150000.1.44.1
* Containers Module 15-SP6 (noarch)
  * helm-bash-completion-3.17.2-150000.1.44.1
  * helm-zsh-completion-3.17.2-150000.1.44.1
* SUSE Package Hub 15 15-SP6 (noarch)
  * helm-fish-completion-3.17.2-150000.1.44.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * helm-debuginfo-3.17.2-150000.1.44.1
  * helm-3.17.2-150000.1.44.1
* openSUSE Leap 15.6 (noarch)
  * helm-bash-completion-3.17.2-150000.1.44.1
  * helm-zsh-completion-3.17.2-150000.1.44.1
  * helm-fish-completion-3.17.2-150000.1.44.1

## References:

* https://www.suse.com/security/cve/CVE-2025-22870.html
* https://bugzilla.suse.com/show_bug.cgi?id=1238688

A security update addressing a proxy bypass issue for helm in openSUSE Leap 15.6, rated as moderate.

LinuxSecurity.com Team

# bsdtar-3.7.7-2.1 on GA media

Announcement ID: openSUSE-SU-2025:14844-1

Rating: moderate

Cross-References:

* CVE-2024-57970

CVSS scores:

* CVE-2024-57970 ( SUSE ): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-57970 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the bsdtar-3.7.7-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
  * bsdtar 3.7.7-2.1
  * libarchive-devel 3.7.7-2.1
  * libarchive13 3.7.7-2.1
  * libarchive13-32bit 3.7.7-2.1

## References:

* https://www.suse.com/security/cve/CVE-2024-57970.html

A moderate security update has been issued for bsdtar on openSUSE. It is crucial to update to avoid potential threats due to identified vulnerabilities.

LinuxSecurity.com Team

# luanti-5.11.0-1.1 on GA media

Announcement ID: openSUSE-SU-2025:14825-1

Rating: moderate

Cross-References:

* CVE-2022-35978

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the luanti-5.11.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
  * luanti 5.11.0-1.1
  * luanti-data 5.11.0-1.1
  * luanti-lang 5.11.0-1.1
  * luantiserver 5.11.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2022-35978.html

The latest luanti-5.11.0-1.1 security update in openSUSE Tumbleweed fixes vulnerabilities of moderate severity, enhancing system protection and stability.

LinuxSecurity.com Team

# go1.24-1.24rc2-1.1 on GA media

Announcement ID: openSUSE-SU-2025:14693-1

Rating: moderate

Cross-References:

* CVE-2024-45336
* CVE-2024-45340
* CVE-2024-45341
* CVE-2025-22865

CVSS scores:

* CVE-2024-45340 ( SUSE ): 7.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
* CVE-2025-22865 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves 4 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the go1.24-1.24rc2-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
  * go1.24 1.24rc2-1.1
  * go1.24-doc 1.24rc2-1.1
  * go1.24-libstd 1.24rc2-1.1
  * go1.24-race 1.24rc2-1.1

## References:

* https://www.suse.com/security/cve/CVE-2024-45336.html
* https://www.suse.com/security/cve/CVE-2024-45340.html
* https://www.suse.com/security/cve/CVE-2024-45341.html
* https://www.suse.com/security/cve/CVE-2025-22865.html

An important patch for Fedora Rawhide resolves several vulnerabilities in libxyz-2.3.1-2.1.1 package with an elevated risk assessment.

Severity: Important.

LinuxSecurity.com Team

# tomcat10-10.1.34-1.1 on GA media

Announcement ID: openSUSE-SU-2025:14623-1

Rating: moderate

Cross-References:

* CVE-2024-50379
* CVE-2024-54677

CVSS scores:

* CVE-2024-50379 ( SUSE ): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50379 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-54677 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-54677 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the tomcat10-10.1.34-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
  * tomcat10 10.1.34-1.1
  * tomcat10-admin-webapps 10.1.34-1.1
  * tomcat10-doc 10.1.34-1.1
  * tomcat10-docs-webapp 10.1.34-1.1
  * tomcat10-el-5_0-api 10.1.34-1.1
  * tomcat10-embed 10.1.34-1.1
  * tomcat10-jsp-3_1-api 10.1.34-1.1
  * tomcat10-jsvc 10.1.34-1.1
  * tomcat10-lib 10.1.34-1.1
  * tomcat10-servlet-6_0-api 10.1.34-1.1
  * tomcat10-webapps 10.1.34-1.1

## References:

* https://www.suse.com/security/cve/CVE-2024-50379.html
* https://www.suse.com/security/cve/CVE-2024-54677.html

Update for tomcat10-10.1.34-2.0 on openSUSE Tumbleweed, targeting specific security vulnerabilities while providing essential corrections.

LinuxSecurity.com Team