Moderate: netcf security, bug fix, and enhancement update

Date: Mon, 21 Dec 2015 23:14:57 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
From: Pat Riehecky
Subject: Security ERRATA Moderate: netcf on SL7.x x86_64
MIME-Version: 1.0
Message-ID:

Synopsis: Moderate: netcf security, bug fix, and enhancement update
Advisory ID: SLSA-2015:2248-3
Issue Date: 2015-11-19
CVE Numbers: CVE-2014-8119
--

A denial of service flaw was found in netcf. A specially crafted interface name could cause an application using netcf (such as the libvirt daemon) to crash. (CVE-2014-8119)

The netcf packages have been upgraded to upstream version 0.2.8, which provides a number of bug fixes and enhancements over the previous version.
--

SL7
  x86_64
    netcf-debuginfo-0.2.8-1.el7.i686.rpm
    netcf-debuginfo-0.2.8-1.el7.x86_64.rpm
    netcf-libs-0.2.8-1.el7.i686.rpm
    netcf-libs-0.2.8-1.el7.x86_64.rpm
    netcf-0.2.8-1.el7.x86_64.rpm
    netcf-devel-0.2.8-1.el7.i686.rpm
    netcf-devel-0.2.8-1.el7.x86_64.rpm

- Scientific Linux Development Team

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

====================================================================
Red Hat Security Advisory

Synopsis:     Moderate: netcf security, bug fix, and enhancement update
Advisory ID:  RHSA-2015:2248-03
Product:      Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2015:2248.html
Issue date:   2015-11-19
CVE Names:    CVE-2014-8119
====================================================================

1. Summary:

Updated netcf packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The netcf packages contain a library for modifying the network configuration of a system. Network configuration is expressed in a platform-independent XML format, which netcf translates into changes to the system's "native" network configuration files.

A denial of service flaw was found in netcf. A specially crafted interface name could cause an application using netcf (such as the libvirt daemon) to crash. (CVE-2014-8119)

This issue was discovered by Hao Liu of Red Hat.

The netcf packages have been upgraded to upstream version 0.2.8, which provides a number of bug fixes and enhancements over the previous version. (BZ#1206680)

Users of netcf are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

761246 - Bad parsing of network-scripts/ifcfg-xxxx files.
1090011 - Need to limit names of new interfaces to IFNAMSIZ
1113983 - netcf should allow interfaces to be configured with both DHCPv4 and static IPv4 addresses at the same time
1159000 - netcf ignores any IPv4 address past the first one
1170941 - Remove extraneous single quotes from IPV6ADDR_SECONDARIES
1172176 - CVE-2014-8119 netcf: augeas path expression injection via interface name
1206680 - rebase netcf for RHEL7.2

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
netcf-0.2.8-1.el7.src.rpm

x86_64:
netcf-debuginfo-0.2.8-1.el7.i686.rpm
netcf-debuginfo-0.2.8-1.el7.x86_64.rpm
netcf-libs-0.2.8-1.el7.i686.rpm
netcf-libs-0.2.8-1.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
netcf-0.2.8-1.el7.x86_64.rpm
netcf-debuginfo-0.2.8-1.el7.i686.rpm
netcf-debuginfo-0.2.8-1.el7.x86_64.rpm
netcf-devel-0.2.8-1.el7.i686.rpm
netcf-devel-0.2.8-1.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

Source:
netcf-0.2.8-1.el7.src.rpm

x86_64:
netcf-0.2.8-1.el7.x86_64.rpm
netcf-debuginfo-0.2.8-1.el7.i686.rpm
netcf-debuginfo-0.2.8-1.el7.x86_64.rpm
netcf-devel-0.2.8-1.el7.i686.rpm
netcf-devel-0.2.8-1.el7.x86_64.rpm
netcf-libs-0.2.8-1.el7.i686.rpm
netcf-libs-0.2.8-1.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
netcf-0.2.8-1.el7.src.rpm

ppc64:
netcf-debuginfo-0.2.8-1.el7.ppc.rpm
netcf-debuginfo-0.2.8-1.el7.ppc64.rpm
netcf-libs-0.2.8-1.el7.ppc.rpm
netcf-libs-0.2.8-1.el7.ppc64.rpm

ppc64le:
netcf-debuginfo-0.2.8-1.el7.ppc64le.rpm
netcf-libs-0.2.8-1.el7.ppc64le.rpm

s390x:
netcf-debuginfo-0.2.8-1.el7.s390.rpm
netcf-debuginfo-0.2.8-1.el7.s390x.rpm
netcf-libs-0.2.8-1.el7.s390.rpm
netcf-libs-0.2.8-1.el7.s390x.rpm

x86_64:
netcf-debuginfo-0.2.8-1.el7.i686.rpm
netcf-debuginfo-0.2.8-1.el7.x86_64.rpm
netcf-libs-0.2.8-1.el7.i686.rpm
netcf-libs-0.2.8-1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
netcf-0.2.8-1.el7.ppc64.rpm
netcf-debuginfo-0.2.8-1.el7.ppc.rpm
netcf-debuginfo-0.2.8-1.el7.ppc64.rpm
netcf-devel-0.2.8-1.el7.ppc.rpm
netcf-devel-0.2.8-1.el7.ppc64.rpm

ppc64le:
netcf-0.2.8-1.el7.ppc64le.rpm
netcf-debuginfo-0.2.8-1.el7.ppc64le.rpm
netcf-devel-0.2.8-1.el7.ppc64le.rpm

s390x:
netcf-0.2.8-1.el7.s390x.rpm
netcf-debuginfo-0.2.8-1.el7.s390.rpm
netcf-debuginfo-0.2.8-1.el7.s390x.rpm
netcf-devel-0.2.8-1.el7.s390.rpm
netcf-devel-0.2.8-1.el7.s390x.rpm

x86_64:
netcf-0.2.8-1.el7.x86_64.rpm
netcf-debuginfo-0.2.8-1.el7.i686.rpm
netcf-debuginfo-0.2.8-1.el7.x86_64.rpm
netcf-devel-0.2.8-1.el7.i686.rpm
netcf-devel-0.2.8-1.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
netcf-0.2.8-1.el7.src.rpm

x86_64:
netcf-debuginfo-0.2.8-1.el7.i686.rpm
netcf-debuginfo-0.2.8-1.el7.x86_64.rpm
netcf-libs-0.2.8-1.el7.i686.rpm
netcf-libs-0.2.8-1.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
netcf-0.2.8-1.el7.x86_64.rpm
netcf-debuginfo-0.2.8-1.el7.i686.rpm
netcf-debuginfo-0.2.8-1.el7.x86_64.rpm
netcf-devel-0.2.8-1.el7.i686.rpm
netcf-devel-0.2.8-1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2014-8119
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2015 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFWTkGGXlSAg2UNWIIRAu8VAJ9jshyZO0h9q0q7zXwJtiMIhK57UwCfSdt0
po//IgM5HcNroeKxchz7ycw=mSNE
-----END PGP SIGNATURE-----

--
Enterprise-watch-list mailing list

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-5872
2015-04-09 05:00:29
--------------------------------------------------------------------------------

Name        : netcf
Product     : Fedora 21
Version     : 0.2.8
Release     : 1.fc21
URL         : https://fedoraproject.org/wiki/Infrastructure/Fedorahosted-retirement
Summary     : Cross-platform network configuration library
Description :
Netcf is a library used to modify the network configuration of a system. Network configurations are expressed in a platform-independent XML format, which netcf translates into changes to the system's 'native' network configuration files.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE 2014-8119, as well as adding a few other minor bugfixes and enhancements (support for multiple IPv4 addresses, simultaneous static & dhcp for IPv4)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 8 2015 Laine Stump - 0.2.8-1
- rebase to netcf-0.2.8
- resolve CVE-2014-8119
- Fix build on systems with newer libnl3 that doesn't
- support multiple IPv4 addresses in interface config (redhat driver)
- allow static IPv4 config simultaneous with DHCPv4 (redhat driver)
- recognize IPADDR0/NETMASK0/PREFIX0
- remove extra quotes from IPV6ADDR_SECONDARIES (redhat+suse drivers)
- miscellaneous systemd service fixes
- use git to apply patches in rpm specfile
- revert the 0.2.6-2 specfile patch mentioned below (now fixed properly)
* Thu Jan 8 2015 Zbigniew Jędrzejewski-Szmek - 0.2.6-2
- do not write to the console (#1135744)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1172176 - CVE-2014-8119 netcf: augeas path expression injection via interface name
        https://bugzilla.redhat.com/show_bug.cgi?id=1172176
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update netcf' at the command line.
For more information, refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-5910
2015-04-10 02:58:36
--------------------------------------------------------------------------------

Name        : netcf
Product     : Fedora 20
Version     : 0.2.8
Release     : 1.fc20
URL         : https://fedoraproject.org/wiki/Infrastructure/Fedorahosted-retirement
Summary     : Cross-platform network configuration library
Description :
Netcf is a library used to modify the network configuration of a system. Network configurations are expressed in a platform-independent XML format, which netcf translates into changes to the system's 'native' network configuration files.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE 2014-8119, as well as adding a few other minor bugfixes and enhancements (support for multiple IPv4 addresses, simultaneous static & dhcp for IPv4)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Apr 8 2015 Laine Stump - 0.2.8-1
- rebase to netcf-0.2.8
- resolve CVE-2014-8119
- Fix build on systems with newer libnl3 that doesn't
- support multiple IPv4 addresses in interface config (redhat driver)
- allow static IPv4 config simultaneous with DHCPv4 (redhat driver)
- recognize IPADDR0/NETMASK0/PREFIX0
- remove extra quotes from IPV6ADDR_SECONDARIES (redhat+suse drivers)
- miscellaneous systemd service fixes
- use git to apply patches in rpm specfile
- allow interleaved elements in interface XML schema
- allow element in vlan and bond interfaces
- report link state/speed in interface status
- change DHCPv6 to DHCPV6C in ifcfg files
- max vlan id is 4095, not 4096
- wait for IFF_UP and IFF_RUNNING after calling ifup
- don't require IFF_RUNNING for bridge devices
- avoid memory leak in debian when listing interfaces
- avoid use of uninitialized data when getting mac address (fixes https://bugzilla.redhat.com/show_bug.cgi?id=1046594)
- limit interface names to IFNAMSIZ-1 characters in length
- support systemd for netcf-transaction
* Sat May 3 2014 Cole Robinson - 0.2.3-6
- Fix reading bridge stp value (bz #1031053)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1172176 - CVE-2014-8119 netcf: augeas path expression injection via interface name
        https://bugzilla.redhat.com/show_bug.cgi?id=1172176
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update netcf' at the command line.
For more information, refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-5885
2015-04-09 15:30:21
--------------------------------------------------------------------------------

Name        : netcf
Product     : Fedora 22
Version     : 0.2.8
Release     : 1.fc22
URL         : https://fedoraproject.org/wiki/Infrastructure/Fedorahosted-retirement
Summary     : Cross-platform network configuration library
Description :
Netcf is a library used to modify the network configuration of a system. Network configurations are expressed in a platform-independent XML format, which netcf translates into changes to the system's 'native' network configuration files.

--------------------------------------------------------------------------------
Update Information:

Security fix for CVE 2014-8119, as well as adding a few other minor bugfixes and enhancements (support for multiple IPv4 addresses, simultaneous static & dhcp for IPv4)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1172176 - CVE-2014-8119 netcf: augeas path expression injection via interface name
        https://bugzilla.redhat.com/show_bug.cgi?id=1172176
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update netcf' at the command line.
For more information, refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list