Explore top 10 tips to secure your open-source projects now. Read More
×
Update NSS to 3.123.1 Update to Firefox 151.0. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-cd20332935 2026-05-21 01:26:51.960465+00:00 -------------------------------------------------------------------------------- Name : nss Product : Fedora 43 Version : 3.123.1 Release : 1.fc43 URL : http://www.mozilla.org/projects/security/pki/nss/ Summary : Network Security Services Description : Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. -------------------------------------------------------------------------------- Update Information: Update NSS to 3.123.1 Update to Firefox 151.0 -------------------------------------------------------------------------------- ChangeLog: * Thu May 7 2026 Frantisek Krenzelok - 3.123.1-1 - Update NSS to 3.123.1 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-cd20332935' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Update NSS to 3.122.2 Updated to Firefox 150.0.1. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-8978a60b68 2026-05-12 01:30:53.418982+00:00 -------------------------------------------------------------------------------- Name : nss Product : Fedora 43 Version : 3.122.2 Release : 1.fc43 URL : http://www.mozilla.org/projects/security/pki/nss/ Summary : Network Security Services Description : Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. -------------------------------------------------------------------------------- Update Information: Update NSS to 3.122.2 Updated to Firefox 150.0.1 -------------------------------------------------------------------------------- ChangeLog: * Mon May 4 2026 Frantisek Krenzelok - 3.122.2-1 - Update NSS to 3.122.2 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-8978a60b68' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
FRR could allow unintended access to network services.. ========================================================================== Ubuntu Security Notice USN-8175-1 April 15, 2026 frr vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: FRR could allow unintended access to network services. Software Description: - frr: FRRouting suite of internet protocols Details: It was discovered that FRR did not correctly handle certain network requests. A remote attacker could possibly use this issue to gain unauthorized access to resources. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 frr 10.4.1-3ubuntu1.2 Ubuntu 24.04 LTS frr 8.4.4-1.1ubuntu6.6 Ubuntu 22.04 LTS frr 8.1-1ubuntu1.15 Ubuntu 20.04 LTS frr 7.2.1-1ubuntu0.2+esm4 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8175-1 CVE-2026-5107 Package Information: https://launchpad.net/ubuntu/+source/frr/10.4.1-3ubuntu1.2 https://launchpad.net/ubuntu/+source/frr/8.4.4-1.1ubuntu6.6 https://launchpad.net/ubuntu/+source/frr/8.1-1ubuntu1.15 . Discover the FRR security flaw for Ubuntu, which allows potential unauthorized access to network services.. FRR access flaw, Ubuntu network vulnerability, Ubuntu security update. . Severity: Important. LinuxSecurity.com Team
Update NSS to 3.121.0 Update to Firefox 149.0. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-49237e1ced 2026-03-31 01:08:27.845551+00:00 -------------------------------------------------------------------------------- Name : nss Product : Fedora 42 Version : 3.121.0 Release : 1.fc42 URL : http://www.mozilla.org/projects/security/pki/nss/ Summary : Network Security Services Description : Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. -------------------------------------------------------------------------------- Update Information: Update NSS to 3.121.0 Update to Firefox 149.0 -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 3 2026 Frantisek Krenzelok - 3.121.0-1 - Update NSS to 3.121.0 - Updated patch nss-3.118-ml-dsa-leancrypto.patch -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-49237e1ced' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Inetutils could allow unintended access to network services.. ========================================================================== Ubuntu Security Notice USN-7992-2 February 18, 2026 inetutils vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Inetutils could allow unintended access to network services. Software Description: - inetutils: Collection of common network programs Details: USN-7992-1 fixed vulnerabilities in telnetd in Inetutils. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: Kyu Neushwaistein discovered that telnetd in Inetutils incorrectly handled certain environment variables. A remote attacker could use this issue to bypass authentication and open a session as an administrator. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS inetutils-telnetd 2:1.9.4-11ubuntu0.2+esm3 Available with Ubuntu Pro Ubuntu 18.04 LTS inetutils-telnetd 2:1.9.4-3ubuntu0.1+esm4 Available with Ubuntu Pro Ubuntu 16.04 LTS inetutils-telnetd 2:1.9.4-1ubuntu0.1~esm5 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7992-2 https://ubuntu.com/security/notices/USN-7992-1 CVE-2026-24061 . Inetutils fixes important access issue in Ubuntu releases, allowing correction of unintended network service access.. Inetutils Ubuntu Telnet Network Services Access Fix. . Severity: Important. LinuxSecurity.com Team
Erlang could allow unintended access to network services.. ========================================================================== Ubuntu Security Notice USN-7961-1 January 14, 2026 erlang vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS Summary: Erlang could allow unintended access to network services. Software Description: - erlang: Concurrent, real-time, distributed functional language Details: It was discovered that Erlang incorrectly validated peer certificates when incorrect extended key usage was presented. A remote attacker could possibly use this issue to bypass SSL key usage restrictions. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS erlang 1:25.3.2.8+dfsg-1ubuntu4.6 erlang-ssl 1:25.3.2.8+dfsg-1ubuntu4.6 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7961-1 CVE-2024-53846 Package Information: https://launchpad.net/ubuntu/+source/erlang/1:25.3.2.8+dfsg-1ubuntu4.6 . Erlang on Ubuntu 24.04 LTS has critical vulnerabilities that allow unintended network access. Update now!. Erlang security, Ubuntu vulnerabilities, network access exploit, SSL key issues, Ubuntu updates. . Severity: Critical. LinuxSecurity.com Team
OpenVPN could allow unintended access to network services.. ========================================================================== Ubuntu Security Notice USN-7898-1 November 27, 2025 openvpn vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 25.04 - Ubuntu 24.04 LTS Summary: OpenVPN could allow unintended access to network services. Software Description: - openvpn: virtual private network software Details: Joshua Rogers discovered that OpenVPN incorrectly handled HMAC verification checks. A remote attacker could possibly use this issue to bypass source IP address validation. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 openvpn 2.6.14-2ubuntu1.1 Ubuntu 25.04 openvpn 2.6.14-0ubuntu0.25.04.3 Ubuntu 24.04 LTS openvpn 2.6.14-0ubuntu0.24.04.3 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7898-1 CVE-2025-13086 Package Information: https://launchpad.net/ubuntu/+source/openvpn/2.6.14-2ubuntu1.1 https://launchpad.net/ubuntu/+source/openvpn/2.6.14-0ubuntu0.25.04.3 https://launchpad.net/ubuntu/+source/openvpn/2.6.14-0ubuntu0.24.04.3 . OpenVPN update addresses unintended access risk in Ubuntu. Secure your system with recommended patches.. OpenVPN security Ubuntu update unintended access. . Severity: Important. LinuxSecurity.com Team
Go Cryptography could allow unintended access to network services. . ========================================================================== Ubuntu Security Notice USN-7839-1 October 23, 2025 golang-go.crypto vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Go Cryptography could allow unintended access to network services. Software Description: - golang-go.crypto: Supplementary Go cryptography libraries Details: Damien Tournoud, Patrick Dawkins, Vince Parker, and Jules Duvivier discovered that Go Cryptography incorrectly handled public keys during SSH operations. An attacker could possibly use this issue to bypass authorization mechanisms. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS golang-golang-x-crypto-dev 1:0.19.0-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 22.04 LTS golang-golang-x-crypto-dev 1:0.0~git20211202.5770296-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 20.04 LTS golang-golang-x-crypto-dev 1:0.0~git20200221.2aa609c-1ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS golang-go.crypto-dev 1:0.0~git20170629.0.5ef0053-2ubuntu0.1~esm1 Available with Ubuntu Pro golang-golang-x-crypto-dev 1:0.0~git20170629.0.5ef0053-2ubuntu0.1~esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS golang-go.crypto-dev 1:0.0~git20151201.0.7b85b09-2ubuntu0.1~esm1 Available with Ubuntu Pro golang-golang-x-crypto-dev 1:0.0~git20151201.0.7b85b09-2ubuntu0.1~esm1 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7839-1 CVE-2024-45337 . Go Cryptography vulnerability in Ubuntu could allow unauthorized access to network services, requiring immediate updates.. Ubuntu security, Go Cryptography, network access, security update, threat detection. . Severity: Important. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.