Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 40 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryupdateFedora

Fedora 40: chromium 2025-8fdc09e745 Security Advisory Updates

Update to 134.0.6998.88 High CVE-2025-1920: Type Confusion in V8 High CVE-2025-2135: Type Confusion in V8 Medium CVE-2025-2136: Use after free in Inspector Medium CVE-2025-2137: Out of bounds read in V8. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-8fdc09e745 2025-03-15 02:51:38.282176+00:00 -------------------------------------------------------------------------------- Name : chromium Product : Fedora 40 Version : 134.0.6998.88 Release : 1.fc40 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink). -------------------------------------------------------------------------------- Update Information: Update to 134.0.6998.88 High CVE-2025-1920: Type Confusion in V8 High CVE-2025-2135: Type Confusion in V8 Medium CVE-2025-2136: Use after free in Inspector Medium CVE-2025-2137: Out of bounds read in V8 -------------------------------------------------------------------------------- ChangeLog: * Tue Mar 11 2025 Than Ngo - 134.0.6998.88 -1 - Update to 134.0.6998.88 * High CVE-2025-1920: Type Confusion in V8 * High CVE-2025-2135: Type Confusion in V8 * High CVE-TBD: Out of bounds write in GPU * Medium CVE-2025-2136: Use after free in Inspector * Medium CVE-2025-2137: Out of bounds read in V8 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2351263 - CVE-2025-1920 chromium: Type Confusion in V8 [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2351263 [ 2 ] Bug #2351264 - CVE-2025-1920 chromium: Type Confusion in V8 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2351264 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnfupgrade --advisory FEDORA-2025-8fdc09e745' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . Kernel updates for Fedora 40 Chromium address type confusion and out-of-bounds issues with critical fixes.. confusion, update, cve-2025-1920, cve-2025-2135. . LinuxSecurity.com Team

Calendar 2 Mar 15, 2025 Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryupdatereverse engineering

Fedora 40: Update for radare2 5.9.4 Moderate: Out of Bounds Read

Bump to version 5.9.4. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-a562addefa 2024-08-23 01:48:47.285005 -------------------------------------------------------------------------------- Name : radare2 Product : Fedora 40 Version : 5.9.4 Release : 1.fc40 URL : https://radare.org/ Summary : The reverse engineering framework Description : The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable. Radare2 provides a hexadecimal editor, wrapped I/O, file system support, debugger support, diffing between two functions or binaries, and code analysis at opcode, basic block, and function levels. -------------------------------------------------------------------------------- Update Information: Bump to version 5.9.4 -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 12 2024 Michal Ambroz - 5.9.4-1 - bump to 5.9.4 * Fri Jul 19 2024 Fedora Release Engineering - 5.9.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Wed May 22 2024 Michal Ambroz - 5.9.2-1 - bump to 5.9.2 * Sat Apr 20 2024 Michal Ambroz 5.9.0-1 - bump to 5.9.0 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2251066 - TRIAGE CVE-2023-47016 radare2: out of bounds read in xnu kernelcache [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2251066 [ 2 ] Bug #2303807 - iaito-5.9.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2303807 [ 3 ] Bug #2303875 - radare2-5.9.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2303875 [ 4 ] Bug #2304300 - F40FailsToInstall: iaito https://bugzilla.redhat.com/show_bug.cgi?id=2304300 [ 5 ] Bug #2304301 - F39FailsToInstall: iaito https://bugzilla.redhat.com/show_bug.cgi?id=2304301 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-a562addefa' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue . The most recent radare2 release from Fedora (version 5.9.4) tackles vulnerabilities such as out-of-bounds reads. Find out more.. Fedora 40, radare2, reverse engineering, software updates. . LinuxSecurity.com Team

Calendar 2 Aug 23, 2024 Fedora
Banner 3 1028x280 1708121785 1771599793
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorymoderateupdate

SUSE: 2024:1136-2 Moderate: C-Ares Out Of Bounds Read Fix

* bsc#1220279 Cross-References: * CVE-2024-25629 . # Security update for c-ares Announcement ID: SUSE-SU-2024:1136-2 Rating: moderate References: * bsc#1220279 Cross-References: * CVE-2024-25629 CVSS scores: * CVE-2024-25629 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability can now be installed. ## Description: This update for c-ares fixes the following issues: * CVE-2024-25629: Fixed out of bounds read in ares__read_line() (bsc#1220279). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1136=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 ## References: * https://www.suse.com/security/cve/CVE-2024-25629.html * https://bugzilla.suse.com/show_bug.cgi?id=1220279 . SUSE has released updates that resolve a significant security flaw in c-ares, rectifying a potential out of bounds read vulnerability. Update promptly.. SUSE Linux Enterprise, c-ares security, software updates, security advisory, vulnerability fix. . LinuxSecurity.com Team

Calendar 2 Jul 12, 2024 SuSE
217
Ls Advisories Oracle Esm H240
Price Tag 1security advisoryupdatelow severity

Oracle Linux 9: ELSA-2024-3842 Low: c-ares Out Of Bounds Read

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-3842 http://linux.oracle.com/errata/ELSA-2024-3842.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: c-ares-1.19.1-2.el9_4.i686.rpm c-ares-1.19.1-2.el9_4.x86_64.rpm c-ares-devel-1.19.1-2.el9_4.i686.rpm c-ares-devel-1.19.1-2.el9_4.x86_64.rpm aarch64: c-ares-1.19.1-2.el9_4.aarch64.rpm c-ares-devel-1.19.1-2.el9_4.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//c-ares-1.19.1-2.el9_4.src.rpm Related CVEs: CVE-2024-25629 Description of changes: [1.19.1-2] - Resolves: RHEL-26529 - Out of bounds read in ares__read_line() [rhel-9] _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux Security Notice ELSA-2024-3842 details enhancements and security patches for c-ares, now accessible through the Unbreakable Linux Network.. oracle linux updates, c-ares security fix, oracle advisory, linux security updates. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Jun 13, 2024 Low Oracle
Banner 3 1028x280 1708121785 1771599793
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorymoderateinstallation instructions

openSUSE 15.5 Moderate: c-ares Out Of Bounds Read Advisory 2024:1136-1

This update for c-ares fixes the following issues: CVE-2024-25629: Fixed out of bounds read in ares__read_line() (bsc#1220279).. # Security update for c-ares Announcement ID: SUSE-SU-2024:1136-1 Rating: moderate References: * bsc#1220279 Cross-References: * CVE-2024-25629 CVSS scores: * CVE-2024-25629 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for c-ares fixes the following issues: * CVE-2024-25629: Fixed out of bounds read in ares__read_line() (bsc#1220279). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1136=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1136=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1136=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1136=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1136=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patchSUSE-SLE-Micro-5.4-2024-1136=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1136=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1136=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1136=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1136=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1136=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1136=1 ## Package List: * openSUSE Leap Micro 5.3 (aarch64 x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * c-ares-utils-debuginfo-1.19.1-150000.3.26.1 * c-ares-utils-1.19.1-150000.3.26.1 * c-ares-devel-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * c-ares-debugsource-1.19.1-150000.3.26.1 * openSUSE Leap 15.5 (x86_64) * libcares2-32bit-1.19.1-150000.3.26.1 * libcares2-32bit-debuginfo-1.19.1-150000.3.26.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * SUSE LinuxEnterprise Micro 5.4 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * c-ares-devel-1.19.1-150000.3.26.1 * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 ## References: * https://www.suse.com/security/cve/CVE-2024-25629.html * https://bugzilla.suse.com/show_bug.cgi?id=1220279 . Explore the newly released security advisory for c-ares concerning CVE-2024-25629 in openSUSE, along with detailed installation guidelines.. c-ares Update, openSUSE Advisory, Security Patch, Threat Mitigation. . LinuxSecurity.com Team

Calendar 2 Apr 08, 2024 OpenSUSE
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorymoderatesoftware update

SUSE: 2024:1136-1 Moderate: c-ares Out Of Bounds Read Fix

* bsc#1220279 Cross-References: * CVE-2024-25629 . # Security update for c-ares Announcement ID: SUSE-SU-2024:1136-1 Rating: moderate References: * bsc#1220279 Cross-References: * CVE-2024-25629 CVSS scores: * CVE-2024-25629 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for c-ares fixes the following issues: * CVE-2024-25629: Fixed out of bounds read in ares__read_line() (bsc#1220279). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1136=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1136=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1136=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1136=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1136=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1136=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1136=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1136=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1136=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1136=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1136=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1136=1 ## Package List: * openSUSE Leap Micro 5.3 (aarch64 x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * c-ares-utils-debuginfo-1.19.1-150000.3.26.1 * c-ares-utils-1.19.1-150000.3.26.1 * c-ares-devel-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * c-ares-debugsource-1.19.1-150000.3.26.1 * openSUSE Leap 15.5 (x86_64) * libcares2-32bit-1.19.1-150000.3.26.1 * libcares2-32bit-debuginfo-1.19.1-150000.3.26.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) *c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * c-ares-devel-1.19.1-150000.3.26.1 * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * c-ares-debugsource-1.19.1-150000.3.26.1 * libcares2-1.19.1-150000.3.26.1 * libcares2-debuginfo-1.19.1-150000.3.26.1 ## References: * https://www.suse.com/security/cve/CVE-2024-25629.html * https://bugzilla.suse.com/show_bug.cgi?id=1220279 . The latest patch from SUSE for c-ares fixes a boundary read vulnerability deemed of moderate risk across various implementations.. SUSE C-Ares Security Patch, C-Ares Moderate Update, Linux Patch Management. . LinuxSecurity.com Team

Calendar 2 Apr 08, 2024 SuSE
Banner 3 1028x280 1708121785 1771599793
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedorachrome update

Fedora 38: 2024-01f4c93547 High: Chromium Object Issue Notification

Update to 123.0.6312.58 * High CVE-2024-2625: Object lifecycle issue in V8 * Medium CVE-2024-2626: Out of bounds read in Swiftshader * Medium CVE-2024-2627: Use after free in Canvas * Medium CVE-2024-2628: Inappropriate implementation in Downloads. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-01f4c93547 2024-03-23 00:51:57.193889 -------------------------------------------------------------------------------- Name : chromium Product : Fedora 38 Version : 123.0.6312.58 Release : 1.fc38 URL : https://www.chromium.org/Home/ Summary : A WebKit (Blink) powered web browser that Google doesn't want you to use Description : Chromium is an open-source web browser, powered by WebKit (Blink). -------------------------------------------------------------------------------- Update Information: Update to 123.0.6312.58 * High CVE-2024-2625: Object lifecycle issue in V8 * Medium CVE-2024-2626: Out of bounds read in Swiftshader * Medium CVE-2024-2627: Use after free in Canvas * Medium CVE-2024-2628: Inappropriate implementation in Downloads * Medium CVE-2024-2629: Incorrect security UI in iOS * Medium CVE-2024-2630: Inappropriate implementation in iOS * Low CVE-2024-2631: Inappropriate implementation in iOS -------------------------------------------------------------------------------- ChangeLog: * Wed Mar 20 2024 Than Ngo - 123.0.6312.58-1 - update to 123.0.6312.58 * High CVE-2024-2625: Object lifecycle issue in V8 * Medium CVE-2024-2626: Out of bounds read in Swiftshader * Medium CVE-2024-2627: Use after free in Canvas * Medium CVE-2024-2628: Inappropriate implementation in Downloads * Medium CVE-2024-2629: Incorrect security UI in iOS * Medium CVE-2024-2630: Inappropriate implementation in iOS * Low CVE-2024-2631: Inappropriate implementation in iOS * Fri Mar 15 2024 Than Ngo - 123.0.6312.46-1 - update to123.0.6312.46 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2270389 - CVE-2024-2626 CVE-2024-2627 CVE-2024-2628 CVE-2024-2629 CVE-2024-2630 CVE-2024-2631 chromium: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2270389 [ 2 ] Bug #2270393 - CVE-2024-2625 chromium: chromium-browser: Object lifecycle issue in V8 [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2270393 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-01f4c93547' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Important news for Fedora 38: firefox 115.0.2 fixes several vulnerabilities with differing levels of impact.. Fedora Chromium Update, Chromium Object Issue, Linux Security Patch. . LinuxSecurity.com Team

Calendar 2 Mar 23, 2024 Fedora
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisoryhigh severitysecurity issue

Gentoo: GLSA-202402-12 High: GNU Tar Out Of Bounds Read Threat

A vulnerability has been discovered in GNU Tar which may lead to an out of bounds read.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202402-12 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: GNU Tar: Out of Bounds Read Date: February 18, 2024 Bugs: #898176 ID: 202402-12 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== A vulnerability has been discovered in GNU Tar which may lead to an out of bounds read. Background ========== The GNU Tar program provides the ability to create tar archives, as well as various other kinds of manipulation. Affected packages ================= Package Vulnerable Unaffected ------------ ------------ ------------ app-arch/tar < 1.34-r3 > = 1.34-r3 Description =========== A vulnerability have been discovered in GNU Tar. Please review the CVE identifier referenced below for details. Impact ====== GNU Tar has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs via a V7 archive in which mtime has approximately 11 whitespace characters. Workaround ========== There is no known workaround at this time. Resolution ========== All GNU Tar users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =app-arch/tar-1.34-r3" References ========== [ 1 ] CVE-2022-48303 https://nvd.nist.gov/vuln/detail/CVE-2022-48303 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202402-12 Concerns? ========= Security is a primary focus of Gentoo Linux andensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2024 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . Critical alert for GNU Tar on Arch Linux. Immediate update necessary to address the buffer overflow vulnerability.. Gentoo Advisory,GNU Tar Security,Out Of Bounds,High Severity Threat. . LinuxSecurity.com Team

Calendar 2 Feb 18, 2024 Gentoo
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here