Explore top 10 tips to secure your open-source projects now. Read More
×An update that solves one vulnerability and has one bug fix can now be installed.. openSUSE security update: security update for hostapd ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21360-1 Rating: important References: * bsc#1269892 Cross-References: * CVE-2026-58374 CVSS scores: * CVE-2026-58374 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves one vulnerability and has one bug fix can now be installed. Description: This update for hostapd fixes the following issues: Changes in hostapd: - CVE-2026-58374: Missing multi-link parsing validation in wpa_supplicant and hostapd (bsc#1269892) Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-packagehub-423=1 Package List: - openSUSE Leap 16.0: hostapd-2.11-bp160.3.1 References: * https://www.suse.com/security/cve/CVE-2026-58374.html . Fix important security issues in openSUSE Leap 16.0 with hostapd update addressing CVE-2026-58374 and bug fix details.. openSUSE hostapd update network security patch important issues. . Severity: Important. LinuxSecurity.com Team
Important: containernetworking-plugins security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:29703", "synopsis": "Important: containernetworking-plugins security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for containernetworking-plugins.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted. \n\nSecurity Fix(es):\n\n* net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation (CVE-2026-32281)\n\n* crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages (CVE-2026-32283)\n\n* crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building (CVE-2026-32280)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2445356", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356", "description": ""}, {"ticket": "2456333", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333", "description": ""}, {"ticket": "2456338", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338", "description": ""}, {"ticket": "2456339", "sourceBy": "Red Hat", "sourceLink":"https://bugzilla.redhat.com/show_bug.cgi?id=2456339", "description": ""}], "cves": [{"name": "CVE-2026-25679", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25679", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-1286"}, {"name": "CVE-2026-32280", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32280", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-770"}, {"name": "CVE-2026-32281", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32281", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "5.9", "cwe": "CWE-1050"}, {"name": "CVE-2026-32283", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32283", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-764"}], "references": [], "publishedAt": "2026-06-26T12:03:13.137376Z", "rpms": {"Rocky Linux 9": {"nvras": ["containernetworking-plugins-1:1.9.0-3.el9_8.aarch64.rpm", "containernetworking-plugins-1:1.9.0-3.el9_8.ppc64le.rpm", "containernetworking-plugins-1:1.9.0-3.el9_8.s390x.rpm", "containernetworking-plugins-1:1.9.0-3.el9_8.src.rpm", "containernetworking-plugins-1:1.9.0-3.el9_8.x86_64.rpm", "containernetworking-plugins-debuginfo-1:1.9.0-3.el9_8.aarch64.rpm", "containernetworking-plugins-debuginfo-1:1.9.0-3.el9_8.ppc64le.rpm", "containernetworking-plugins-debuginfo-1:1.9.0-3.el9_8.s390x.rpm", "containernetworking-plugins-debuginfo-1:1.9.0-3.el9_8.x86_64.rpm", "containernetworking-plugins-debugsource-1:1.9.0-3.el9_8.aarch64.rpm", "containernetworking-plugins-debugsource-1:1.9.0-3.el9_8.ppc64le.rpm", "containernetworking-plugins-debugsource-1:1.9.0-3.el9_8.s390x.rpm", "containernetworking-plugins-debugsource-1:1.9.0-3.el9_8.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}.Rocky Linux provides an important security update for containernetworking-plugins impacting network connectivity of containers.. Rocky Linux Security Update, containernetworking-plugins Fix, Important Linux Security. . Severity: Important. LinuxSecurity.com Team
libre v4.8.1 (2026-05-28) fmt/pl: add pl_strip_html() sys/fs: add getpwuid fallback for fs_gethome tls: remove unused include rsa.h ice: check source address of incoming application packets. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-bfba5a213d 2026-06-05 04:07:33.980048+00:00 -------------------------------------------------------------------------------- Name : libre Product : Fedora 43 Version : 4.8.1 Release : 1.fc43 URL : https://github.com/baresip/re Summary : Generic library for real-time communications Description : Libre is a generic library for real-time communications with async I/O support. Features are a SIP stack (RFC 3261), SDP, RTP and RTCP, SRTP and SRTCP (Secure RTP), DNS client, STUN/TURN/ICE stack, BFCP, HTTP stack with client/server, Websockets, Jitter buffer, async I/O (poll, epoll, select, kqueue), UDP/TCP/TLS/DTLS transport, JSON parser and Real Time Messaging Protocol (RTMP). -------------------------------------------------------------------------------- Update Information: libre v4.8.1 (2026-05-28) fmt/pl: add pl_strip_html() sys/fs: add getpwuid fallback for fs_gethome tls: remove unused include rsa.h ice: check source address of incoming application packets websock: Fix integer overflow in websock_decode() masked frame check https://github.com/baresip/re/security/advisories/GHSA-hvxv-v2gp-v93h https://github.com/baresip/baresip/issues/3705 -------------------------------------------------------------------------------- ChangeLog: * Thu May 28 2026 Robert Scheck 4.8.1-1 - Upgrade to 4.8.1 (#2482756) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2482756 - libre-4.8.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2482756 -------------------------------------------------------------------------------- This update can be installed with the "dnf" updateprogram. Use su -c 'dnf upgrade --advisory FEDORA-2026-bfba5a213d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
An update that solves 11 vulnerabilities can now be installed.. # libunbound8-1.25.1-1.1 on GA media Announcement ID: openSUSE-SU-2026:10903-1 Rating: moderate Cross-References: * CVE-2026-32792 * CVE-2026-33278 * CVE-2026-40622 * CVE-2026-41292 * CVE-2026-42534 * CVE-2026-42923 * CVE-2026-42944 * CVE-2026-42959 * CVE-2026-42960 * CVE-2026-44390 * CVE-2026-44608 CVSS scores: * CVE-2026-32792 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33278 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H * CVE-2026-40622 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-41292 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42534 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42923 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42944 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2026-42959 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42960 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2026-44390 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-44608 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Tumbleweed An update that solves 11 vulnerabilities can now be installed. ## Description: These are all security issues fixed in the libunbound8-1.25.1-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * libunbound8 1.25.1-1.1 * python3-unbound 1.25.1-1.1 * unbound 1.25.1-1.1 * unbound-anchor 1.25.1-1.1 * unbound-devel 1.25.1-1.1 * unbound-munin 1.25.1-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-32792.html * https://www.suse.com/security/cve/CVE-2026-33278.html * https://www.suse.com/security/cve/CVE-2026-40622.html * https://www.suse.com/security/cve/CVE-2026-41292.html * https://www.suse.com/security/cve/CVE-2026-42534.html *https://www.suse.com/security/cve/CVE-2026-42923.html * https://www.suse.com/security/cve/CVE-2026-42944.html * https://www.suse.com/security/cve/CVE-2026-42959.html * https://www.suse.com/security/cve/CVE-2026-42960.html * https://www.suse.com/security/cve/CVE-2026-44390.html * https://www.suse.com/security/cve/CVE-2026-44608.html . Update available for moderate security issues in libunbound8 package on openSUSE Tumbleweed. Install to mitigate risks.. openSUSE Tumbleweed, libunbound8 update, security issues in Linux, mitigate network risks, software update advisories. . Severity: moderate. LinuxSecurity.com Team
A flaw was found in firewalld where a local unprivileged user can modify the runtime firewall state without proper authentication, leading to unauthorized changes in network security configurations. For Debian 11 bullseye, this problem has been fixed in version 0.9.3-2+deb11u1.. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4585-1
Update NSS to 3.122.2 Update to Firefox 150.0.1. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-6acccc3bff 2026-05-12 01:09:45.650598+00:00 -------------------------------------------------------------------------------- Name : nss Product : Fedora 42 Version : 3.122.2 Release : 1.fc42 URL : http://www.mozilla.org/projects/security/pki/nss/ Summary : Network Security Services Description : Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. -------------------------------------------------------------------------------- Update Information: Update NSS to 3.122.2 Update to Firefox 150.0.1 -------------------------------------------------------------------------------- ChangeLog: * Mon May 4 2026 Frantisek Krenzelok - 3.122.2-1 - Update NSS to 3.122.2 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-6acccc3bff' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Update NSS to 3.122.2 Update to Firefox 150.0.1. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-6bdf499f6b 2026-05-12 00:48:49.533494+00:00 -------------------------------------------------------------------------------- Name : nss Product : Fedora 44 Version : 3.122.2 Release : 1.fc44 URL : http://www.mozilla.org/projects/security/pki/nss/ Summary : Network Security Services Description : Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. -------------------------------------------------------------------------------- Update Information: Update NSS to 3.122.2 Update to Firefox 150.0.1 -------------------------------------------------------------------------------- ChangeLog: * Mon May 4 2026 Frantisek Krenzelok - 3.122.2-1 - Update NSS to 3.122.2 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-6bdf499f6b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
The following updated rpms for have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-50259 http://linux.oracle.com/errata/ELSA-2026-50259.html The following updated rpms for have been uploaded to the Unbreakable LinuxNetwork: x86_64: kernel-uek-6.12.0-201.74.2.3.el10uek.x86_64.rpm kernel-uek-core-6.12.0-201.74.2.3.el10uek.x86_64.rpm kernel-uek-devel-6.12.0-201.74.2.3.el10uek.x86_64.rpm kernel-uek-doc-6.12.0-201.74.2.3.el10uek.noarch.rpm kernel-uek-modules-6.12.0-201.74.2.3.el10uek.x86_64.rpm kernel-uek-modules-core-6.12.0-201.74.2.3.el10uek.x86_64.rpm kernel-uek-modules-deprecated-6.12.0-201.74.2.3.el10uek.x86_64.rpm kernel-uek-modules-desktop-6.12.0-201.74.2.3.el10uek.x86_64.rpm kernel-uek-modules-extra-6.12.0-201.74.2.3.el10uek.x86_64.rpm kernel-uek-modules-extra-netfilter-6.12.0-201.74.2.3.el10uek.x86_64.rpm kernel-uek-modules-usb-6.12.0-201.74.2.3.el10uek.x86_64.rpm kernel-uek-modules-wireless-6.12.0-201.74.2.3.el10uek.x86_64.rpm kernel-uek-tools-6.12.0-201.74.2.3.el10uek.x86_64.rpm kernel-uek-debug-6.12.0-201.74.2.3.el10uek.x86_64.rpm kernel-uek-debug-core-6.12.0-201.74.2.3.el10uek.x86_64.rpm kernel-uek-debug-devel-6.12.0-201.74.2.3.el10uek.x86_64.rpm kernel-uek-debug-modules-6.12.0-201.74.2.3.el10uek.x86_64.rpm kernel-uek-debug-modules-core-6.12.0-201.74.2.3.el10uek.x86_64.rpm kernel-uek-debug-modules-deprecated-6.12.0-201.74.2.3.el10uek.x86_64.rpm kernel-uek-debug-modules-desktop-6.12.0-201.74.2.3.el10uek.x86_64.rpm kernel-uek-debug-modules-extra-6.12.0-201.74.2.3.el10uek.x86_64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-201.74.2.3.el10uek.x86_64.rpm kernel-uek-debug-modules-usb-6.12.0-201.74.2.3.el10uek.x86_64.rpm kernel-uek-debug-modules-wireless-6.12.0-201.74.2.3.el10uek.x86_64.rpm aarch64: kernel-uek-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek-core-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek-devel-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek-doc-6.12.0-201.74.2.3.el10uek.noarch.rpm kernel-uek-modules-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek-modules-core-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek-modules-deprecated-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek-modules-desktop-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek-modules-extra-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek-modules-extra-netfilter-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek-modules-usb-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek-modules-wireless-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek-tools-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek-debug-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek-debug-core-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek-debug-devel-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek-debug-modules-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek-debug-modules-core-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek-debug-modules-deprecated-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek-debug-modules-desktop-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek-debug-modules-extra-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek-debug-modules-usb-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek-debug-modules-wireless-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek64k-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek64k-core-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek64k-devel-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek64k-modules-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek64k-modules-core-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek64k-modules-deprecated-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek64k-modules-desktop-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek64k-modules-extra-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek64k-modules-extra-netfilter-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek64k-modules-usb-6.12.0-201.74.2.3.el10uek.aarch64.rpm kernel-uek64k-modules-wireless-6.12.0-201.74.2.3.el10uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/kernel-uek-6.12.0-201.74.2.3.el10uek.src.rpm Related CVEs: CVE-2026-43284 CVE-2026-43500 Description of changes: [6.12.0-201.74.2.3] - rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present (Hyunwoo Kim) [Orabug: 39342689] {CVE-2026-43500} - rxrpc: Fix conn-level packethandling to unshare RESPONSE packets (David Howells) [Orabug: 39342689] - rxrpc: only handle RESPONSE during service challenge (Wang Jie) [Orabug: 39342689] - rxrpc: Fix rxrpc_input_call_event() to only unshare DATA packets (David Howells) [Orabug: 39342689] - rxrpc: Fix potential UAF after skb_unshare() failure (David Howells) [Orabug: 39342689] - rxrpc: Fix re-decryption of RESPONSE packets (David Howells) [Orabug: 39342689] - xfrm: esp: avoid in-place decrypt on shared skb frags (Kuan-Ting Chen) [Orabug: 39342689] {CVE-2026-43284} _______________________________________________ El-errata mailing list
Get the latest Linux and open source security news straight to your inbox.