
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Slackware: 2008-210-06 Medium: MTR Small Buffer Rectification

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  mtr (SSA:2008-210-06)

New mtr packages are available for Slackware 12.0, 12.1, and -current to fix a security issue.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

  https://www.cve.org/CVERecord?id=CVE-2008-2357

Here are the details from the Slackware 12.1 ChangeLog:
+--------------------------+
patches/packages/mtr-0.73-i486-1_slack12.1.tgz:  Upgraded to mtr-0.73.
  This fixes a minor security bug where a very long hostname in the trace path
  could lead to an overflow (and most likely just a crash).
  (* Security fix *)
+--------------------------+

Where to find the new packages:
+-----------------------------+

HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating additional FTP and rsync hosting to the Slackware project! :-)

Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.

Updated package for Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/mtr-0.73-i486-1_slack12.0.tgz

Updated package for Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/mtr-0.73-i486-1_slack12.1.tgz

Updated package for Slackware -current:

MD5 signatures:
+-------------+

Slackware 12.0 package:
a6e7fb366f0cff5b1911566a64eb4e68  mtr-0.73-i486-1_slack12.0.tgz

Slackware 12.1 package:
db3acb5ce1d51eee9065b02c951b1e81  mtr-0.73-i486-1_slack12.1.tgz

Slackware -current package:
004f78f13e150f34d25b5c586b211ca7  mtr-0.73-i486-1.tgz

Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg mtr-0.73-i486-1_slack12.1.tgz

+-----+

Fresh mtr packages have been released for Slackware 12.0, 12.1, and -current to address a critical security vulnerability. Ensure you upgrade as the root user!

Slackware Security, MTR Update, Package Management.

Severity: Medium.

LinuxSecurity.com Team

Jul 29, 2008 | Medium | Slackware

Gentoo GLSA 200806-01 High: Mtr Stack-Based Buffer Overflow Threat

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200806-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: High
     Title: mtr: Stack-based buffer overflow
      Date: June 03, 2008
      Bugs: #223017
        ID: 200806-01

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A stack-based buffer overflow was found in mtr, possibly resulting in the execution of arbitrary code.

Background
==========

mtr combines the functionality of the 'traceroute' and 'ping' programs in a single network diagnostic tool.

Affected packages
=================

    -------------------------------------------------------------------
     Package           /  Vulnerable  /                     Unaffected
    -------------------------------------------------------------------
  1  net-analyzer/mtr      < 0.73-r1                         >= 0.73-r1

Description
===========

Adam Zabrocki reported a boundary error within the split_redraw() function in the file split.c, possibly leading to a stack-based buffer overflow.

Impact
======

A remote attacker could use a specially crafted resolved hostname to execute arbitrary code with root privileges. However, it is required that the attacker controls the DNS server used by the victim, and that the "-p" (or "--split") command line option is used.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All mtr users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-analyzer/mtr-0.73-r1"

References
==========

  [ 1 ] CVE-2008-2357
        https://www.cve.org/CVERecord?id=CVE-2008-2357

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  https://security.gentoo.org/glsa/200806-01

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address hidden] or alternatively, you may file a bug at https://bugs.gentoo.org/.

License
=======

Copyright 2008 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Delve into the Gentoo Linux GLSA 200806-01 advisory on a critical buffer overflow vulnerability in mtr and identify effective strategies to mitigate potential risks associated with this issue.

Gentoo Advisory, Mtr Overflow, High Severity Threat.

LinuxSecurity.com Team

Jun 03, 2008 | Gentoo

Debian 4.0 Etch: DSA-1587-1 Critical Mtr Buffer Overflow Risk

- ------------------------------------------------------------------------
Debian Security Advisory DSA-1587-1              [email address hidden]
http://www.debian.org/security/                              Steve Kemp
May 26, 2008                         http://www.debian.org/security/faq
- ------------------------------------------------------------------------

Package        : mtr
Vulnerability  : buffer overflow
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2008-2357

Adam Zabrocki discovered that under certain circumstances mtr, a full screen ncurses and X11 traceroute tool, could be tricked into executing arbitrary code via overly long reverse DNS records.

For the stable distribution (etch), this problem has been fixed in version 0.71-2etch1.

For the unstable distribution (sid), this problem has been fixed in version 0.73-1.

We recommend that you upgrade your mtr package.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
- -------------------------------

These files will probably be moved into the stable distribution on its next update.
- ---------------------------------------------------------------------------------
For apt-get: deb https://www.debian.org/security/ stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: [email address hidden]

Debian's recent alert highlights a vulnerability in the mtr package, risking arbitrary code execution. Users are urged to update to secure versions to address this critical issue.

Debian Security, Mtr Update, Code Execution Risk.

Severity: Critical.

LinuxSecurity.com Team

May 26, 2008 | Critical | Debian

Fedora Core 4: mtr Update 0.71-0.FC4.1 Critical Network Tool Fix

Updated package.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-226
2006-03-27
---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : mtr
Version     : 0.71
Release     : 0.FC4.1
Summary     : A network diagnostic tool.
Description :
Mtr is a network diagnostic tool that combines ping and traceroute into one program. Mtr provides two interfaces: an ncurses interface, useful for using Mtr from a telnet session; and a GTK+ interface for X (provided in the mtr-gtk package).

---------------------------------------------------------------------
* Mon Mar 27 2006 Miroslav Lichvar - 2:0.71-0.FC4.1
- update to mtr-0.71 (fixes #162029, #165339)

---------------------------------------------------------------------
This update can be downloaded from:

This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at .
---------------------------------------------------------------------

--
fedora-announce-list mailinglist
[email address hidden]

Enhancements made to traceroute, a vital utility for diagnosing connectivity problems in Fedora Core 4.

Network Diagnostic Tool, Fedora Core 4, Software Update.

Severity: Critical.

LinuxSecurity.com Team

Mar 27, 2006 | Critical | Fedora

Debian GNU/Linux: Mtr Security Advisory March 2000 Local Exploit Risk

Debian Security Advisory                         [email address hidden]
Debian -- Security Information                        Wichert Akkerman
March 9, 2000

Package: mtr
Vulnerability type: possible local exploit
Debian-specific: no

The version of mtr as distributed in Debian GNU/Linux 2.1 (aka slink) did not drop root privileges correctly. While there are no known exploits it is conceivable that a weakness in gtk or ncurses could be used to exploit this.

This has been fixed in version 0.28-1, and we recommend that you upgrade your mtr package.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.1 alias slink

This version of Debian was released only for Intel ia32, the Motorola 680x0, the alpha and the Sun sparc architecture.

These files will be moved into soon.

For not yet released architectures please refer to the appropriate directory .

For apt-get: deb Debian -- Security Information stable updates
For dpkg-ftp: dists/stable/updates
Mailing list: [email address hidden]

Debian Mtr advisory highlights local exploit risk from incorrect root privilege handling requiring immediate update.

Debian Security, Mtr Update, Local Exploit Risk, Root Privileges, Software Upgrade.

Severity: Critical.

LinuxSecurity.com Team

Mar 09, 2000 | Critical | Debian