Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Security Notice 2026-2328-1 Significant Updates on Four Xen Risks

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

openSUSE 2026-2328-1 Xen Important Buffer Overflow Patch

Calendar White Jun 10, 2026
Important
Opensuse Large Esm H900
openSUSE

openSUSE Leap 15.6 Important Xen Denial of Service Fix SUSE-SU-2026-2329-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H800
SuSE

openSUSE Important xen Patch for Multiple Threats SUSE-2026-2329-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

SUSE MariaDB Critical Security Fix 12 Vulnerabilities 2026-2330-1

Calendar White Jun 10, 2026
Critical
Ubuntu Large Esm H900
Ubuntu

Ubuntu 22.04 LTS Exim4 Moderate Regression CVE-2023-42117

Calendar White Jun 10, 2026
Important
Suse Large Esm H800
SuSE

SUSE StrongSwan Important Double-Free CVE-2026-47895 Advisory 2026-2312-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

SUSE vim Important Command Injection Buffer Overflow Update 2026-2313-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

openSUSE Important libsoup HTTP Request Smuggling Vulnerability 2026-2314-1

Calendar White Jun 10, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":552,"type":"x","order":1,"pct":78.63,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.27,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.84,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.25,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorysecurity updatesoftware update

openSUSE 15.4 15.5 SUSE-SU-2023:3252-1 moderate: wireshark fixes

This update for wireshark fixes the following issues: Update to Wireshark 3.6.15: \- Further features, bug fixes and updated protocol support as listed in:. # Security update for wireshark Announcement ID: SUSE-SU-2023:3252-1 Rating: moderate References: * #1211703 * #1211705 * #1211706 * #1211707 * #1211710 * #1211793 * #1211844 * #1212084 * #1213319 Cross-References: * CVE-2023-0667 * CVE-2023-0668 * CVE-2023-2855 * CVE-2023-2856 * CVE-2023-2857 * CVE-2023-2858 * CVE-2023-2879 * CVE-2023-2952 * CVE-2023-3648 CVSS scores: * CVE-2023-0667 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2023-0667 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-0668 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-0668 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-2855 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2023-2856 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-2856 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2023-2857 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-2857 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2023-2858 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-2858 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2023-2879 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-2879 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2023-2952 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-2952 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2023-3648 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-3648 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L Affected Products: * Basesystem Module 15-SP4 * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP4 * Desktop ApplicationsModule 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that solves nine vulnerabilities can now be installed. ## Description: This update for wireshark fixes the following issues: Update to Wireshark 3.6.15: \- Further features, bug fixes and updated protocol support as listed in: https://www.wireshark.org/docs/relnotes/wireshark-3.6.15.html Security fixes: \- CVE-2023-0667: Fixed failure to validate MS-MMS packet length (bsc#1212084). \- CVE-2023-0668: Fixed IEEE C37.118 Synchrophasor dissector crash (bsc#1211710). \- CVE-2023-2855: Fixed Candump log file parser crash (bsc#1211703). \- CVE-2023-2856: Fixed VMS TCPIPtrace file parser crash (bsc#1211707). \- CVE-2023-2857: Fixed BLF file parser crash (bsc#1211705). \- CVE-2023-2858: Fixed NetScaler file parser crash (bsc#1211706). \- CVE-2023-2879: Fixed GDSDB dissector infinite loop (bsc#1211793). \- CVE-2023-2952: Fixed XRA dissector infinite loop (bsc#1211844). \- CVE-2023-3648: Fixed Kafka dissector crash (bsc#1213319). ## Patch Instructions: To install this SUSE Moderate update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch openSUSE-SLE-15.4-2023-3252=1 *openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2023-3252=1 * Basesystem Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-3252=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-3252=1 * Desktop Applications Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2023-3252=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2023-3252=1 * SUSE Linux Enterprise Real Time 15 SP3 zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-3252=1 * SUSE Manager Proxy 4.2 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-3252=1 * SUSE Manager Retail Branch Server 4.2 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.2-2023-3252=1 * SUSE Manager Server 4.2 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-3252=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * wireshark-ui-qt-debuginfo-3.6.15-150000.3.97.1 * libwiretap12-debuginfo-3.6.15-150000.3.97.1 * wireshark-ui-qt-3.6.15-150000.3.97.1 * libwiretap12-3.6.15-150000.3.97.1 * libwsutil13-debuginfo-3.6.15-150000.3.97.1 * wireshark-3.6.15-150000.3.97.1 * wireshark-devel-3.6.15-150000.3.97.1 * libwsutil13-3.6.15-150000.3.97.1 * wireshark-debuginfo-3.6.15-150000.3.97.1 * wireshark-debugsource-3.6.15-150000.3.97.1 * libwireshark15-3.6.15-150000.3.97.1 * libwireshark15-debuginfo-3.6.15-150000.3.97.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * wireshark-ui-qt-debuginfo-3.6.15-150000.3.97.1 * libwiretap12-debuginfo-3.6.15-150000.3.97.1 * wireshark-ui-qt-3.6.15-150000.3.97.1 * libwiretap12-3.6.15-150000.3.97.1 * libwsutil13-debuginfo-3.6.15-150000.3.97.1 * wireshark-3.6.15-150000.3.97.1 * wireshark-devel-3.6.15-150000.3.97.1 * libwsutil13-3.6.15-150000.3.97.1 * wireshark-debuginfo-3.6.15-150000.3.97.1 * wireshark-debugsource-3.6.15-150000.3.97.1 * libwireshark15-3.6.15-150000.3.97.1 * libwireshark15-debuginfo-3.6.15-150000.3.97.1 * Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64) * libwiretap12-debuginfo-3.6.15-150000.3.97.1 * libwiretap12-3.6.15-150000.3.97.1 * libwsutil13-debuginfo-3.6.15-150000.3.97.1 * wireshark-3.6.15-150000.3.97.1 * libwsutil13-3.6.15-150000.3.97.1 * wireshark-debuginfo-3.6.15-150000.3.97.1 * wireshark-debugsource-3.6.15-150000.3.97.1 * libwireshark15-3.6.15-150000.3.97.1 * libwireshark15-debuginfo-3.6.15-150000.3.97.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libwiretap12-debuginfo-3.6.15-150000.3.97.1 * libwiretap12-3.6.15-150000.3.97.1 * libwsutil13-debuginfo-3.6.15-150000.3.97.1 * wireshark-3.6.15-150000.3.97.1 * libwsutil13-3.6.15-150000.3.97.1 * wireshark-debuginfo-3.6.15-150000.3.97.1 * wireshark-debugsource-3.6.15-150000.3.97.1 * libwireshark15-3.6.15-150000.3.97.1 * libwireshark15-debuginfo-3.6.15-150000.3.97.1 * Desktop Applications Module 15-SP4 (aarch64 ppc64le s390x x86_64) * wireshark-ui-qt-debuginfo-3.6.15-150000.3.97.1 * wireshark-ui-qt-3.6.15-150000.3.97.1 * wireshark-devel-3.6.15-150000.3.97.1 * wireshark-debuginfo-3.6.15-150000.3.97.1 * wireshark-debugsource-3.6.15-150000.3.97.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * wireshark-ui-qt-debuginfo-3.6.15-150000.3.97.1 * wireshark-ui-qt-3.6.15-150000.3.97.1 * wireshark-devel-3.6.15-150000.3.97.1 * wireshark-debuginfo-3.6.15-150000.3.97.1 * wireshark-debugsource-3.6.15-150000.3.97.1 * SUSE Linux Enterprise Real Time 15 SP3 (x86_64) * wireshark-ui-qt-debuginfo-3.6.15-150000.3.97.1 * libwiretap12-debuginfo-3.6.15-150000.3.97.1 * wireshark-ui-qt-3.6.15-150000.3.97.1 * libwiretap12-3.6.15-150000.3.97.1 * libwsutil13-debuginfo-3.6.15-150000.3.97.1 * wireshark-3.6.15-150000.3.97.1 *wireshark-devel-3.6.15-150000.3.97.1 * libwsutil13-3.6.15-150000.3.97.1 * wireshark-debuginfo-3.6.15-150000.3.97.1 * wireshark-debugsource-3.6.15-150000.3.97.1 * libwireshark15-3.6.15-150000.3.97.1 * libwireshark15-debuginfo-3.6.15-150000.3.97.1 * SUSE Manager Proxy 4.2 (x86_64) * libwiretap12-debuginfo-3.6.15-150000.3.97.1 * libwiretap12-3.6.15-150000.3.97.1 * libwsutil13-debuginfo-3.6.15-150000.3.97.1 * wireshark-3.6.15-150000.3.97.1 * libwsutil13-3.6.15-150000.3.97.1 * wireshark-debuginfo-3.6.15-150000.3.97.1 * wireshark-debugsource-3.6.15-150000.3.97.1 * libwireshark15-3.6.15-150000.3.97.1 * libwireshark15-debuginfo-3.6.15-150000.3.97.1 * SUSE Manager Retail Branch Server 4.2 (x86_64) * libwiretap12-debuginfo-3.6.15-150000.3.97.1 * libwiretap12-3.6.15-150000.3.97.1 * libwsutil13-debuginfo-3.6.15-150000.3.97.1 * wireshark-3.6.15-150000.3.97.1 * libwsutil13-3.6.15-150000.3.97.1 * wireshark-debuginfo-3.6.15-150000.3.97.1 * wireshark-debugsource-3.6.15-150000.3.97.1 * libwireshark15-3.6.15-150000.3.97.1 * libwireshark15-debuginfo-3.6.15-150000.3.97.1 * SUSE Manager Server 4.2 (ppc64le s390x x86_64) * libwiretap12-debuginfo-3.6.15-150000.3.97.1 * libwiretap12-3.6.15-150000.3.97.1 * libwsutil13-debuginfo-3.6.15-150000.3.97.1 * wireshark-3.6.15-150000.3.97.1 * libwsutil13-3.6.15-150000.3.97.1 * wireshark-debuginfo-3.6.15-150000.3.97.1 * wireshark-debugsource-3.6.15-150000.3.97.1 * libwireshark15-3.6.15-150000.3.97.1 * libwireshark15-debuginfo-3.6.15-150000.3.97.1 ## References: * https://www.suse.com/security/cve/CVE-2023-0667.html * https://www.suse.com/security/cve/CVE-2023-0668.html * https://www.suse.com/security/cve/CVE-2023-2855.html * https://www.suse.com/security/cve/CVE-2023-2856.html * https://www.suse.com/security/cve/CVE-2023-2857.html * https://www.suse.com/security/cve/CVE-2023-2858.html * https://www.suse.com/security/cve/CVE-2023-2879.html *https://www.suse.com/security/cve/CVE-2023-2952.html * https://www.suse.com/security/cve/CVE-2023-3648.html * https://bugzilla.suse.com/show_bug.cgi?id=1211703 * https://bugzilla.suse.com/show_bug.cgi?id=1211705 * https://bugzilla.suse.com/show_bug.cgi?id=1211706 * https://bugzilla.suse.com/show_bug.cgi?id=1211707 * https://bugzilla.suse.com/show_bug.cgi?id=1211710 * https://bugzilla.suse.com/show_bug.cgi?id=1211793 * https://bugzilla.suse.com/show_bug.cgi?id=1211844 * https://bugzilla.suse.com/show_bug.cgi?id=1212084 * https://bugzilla.suse.com/show_bug.cgi?id=1213319 . This release addresses various bugs in Wireshark, improving security with significant patches and revised protocol compatibility.. Wireshark Update, Security Advisory, OpenSUSE, Software Fix, Update Patch. . LinuxSecurity.com Team

Calendar 2 Aug 09, 2023 OpenSUSE
200
Ls Advisories Scientific Esm H240
Price Tag 1security advisorymoderatesecurity fix

Scientific Linux: SLSA-2015:1254-2 Moderate: curl Security Fix

Moderate: curl security, bug fix, and enhancement update. Date: Mon, 3 Aug 2015 19:24:23 +0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific Linux From: Connie Sieh Subject: Security ERRATA Moderate: curl on SL6.x i386/x86_64 MIME-Version: 1.0 Message-ID: Synopsis: Moderate: curl security, bug fix, and enhancement update Advisory ID: SLSA-2015:1254-2 Issue Date: 2015-07-22 CVE Numbers: CVE-2014-3613 CVE-2014-3707 CVE-2014-8150 CVE-2015-3143 CVE-2015-3148 -- It was found that the libcurl library did not correctly handle partial literal IP addresses when parsing received HTTP cookies. An attacker able to trick a user into connecting to a malicious server could use this flaw to set the user's cookie to a crafted domain, making other cookie-related issues easier to exploit. (CVE-2014-3613) A flaw was found in the way the libcurl library performed the duplication of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS option for a handle, using the handle's duplicate could cause the application to crash or disclose a portion of its memory. (CVE-2014-3707) It was discovered that the libcurl library failed to properly handle URLs with embedded end-of-line characters. An attacker able to make an application using libcurl to access a specially crafted URL via an HTTP proxy could use this flaw to inject additional headers to the request or construct additional requests. (CVE-2014-8150) It was discovered that libcurl implemented aspects of the NTLM and Negotatiate authentication incorrectly. If an application uses libcurl and the affected mechanisms in a specifc way, certain requests to a previously NTLM-authenticated server could appears as sent by the wrong authenticated user. Additionally, the initial set of credentials for HTTP Negotiate- authenticated requests could be reused in subsequent requests, although a different set of credentials was specified. (CVE-2015-3143, CVE-2015-3148) Bug fixes: * An out-of-protocol fallback to SSL version 3.0 (SSLv3.0) wasavailable with libcurl. Attackers could abuse the fallback to force downgrade of the SSL version. The fallback has been removed from libcurl. Users requiring this functionality can explicitly enable SSLv3.0 through the libcurl API. * A single upload transfer through the FILE protocol opened the destination file twice. If the inotify kernel subsystem monitored the file, two events were produced unnecessarily. The file is now opened only once per upload. * Utilities using libcurl for SCP/SFTP transfers could terminate unexpectedly when the system was running in FIPS mode. * Using the "--retry" option with the curl utility could cause curl to terminate unexpectedly with a segmentation fault. Now, adding "--retry" no longer causes curl to crash. * The "curl --trace-time" command did not use the correct local time when printing timestamps. Now, "curl --trace-time" works as expected. * The valgrind utility could report dynamically allocated memory leaks on curl exit. Now, curl performs a global shutdown of the NetScape Portable Runtime (NSPR) library on exit, and valgrind no longer reports the memory leaks. * Previously, libcurl returned an incorrect value of the CURLINFO_HEADER_SIZE field when a proxy server appended its own headers to the HTTP response. Now, the returned value is valid. Enhancements: * The "--tlsv1.0", "--tlsv1.1", and "--tlsv1.2" options are available for specifying the minor version of the TLS protocol to be negotiated by NSS. The "--tlsv1" option now negotiates the highest version of the TLS protocol supported by both the client and the server. * It is now possible to explicitly enable or disable the ECC and the new AES cipher suites to be used for TLS. -- SL6 x86_64 curl-7.19.7-46.el6.x86_64.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.x86_64.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.x86_64.rpm libcurl-devel-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.x86_64.rpm i386 curl-7.19.7-46.el6.i686.rpm curl-debuginfo-7.19.7-46.el6.i686.rpm libcurl-7.19.7-46.el6.i686.rpm libcurl-devel-7.19.7-46.el6.i686.rpm - Scientific Linux Development Team . Recent curl security enhancements address multiple vulnerabilities while significantly improving both efficiency and user experience.. curl security patch, Scientific Linux update, bug fix. . LinuxSecurity.com Team

Calendar 2 Aug 03, 2015 Scientific Linux
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":552,"type":"x","order":1,"pct":78.63,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.27,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.84,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.25,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here