Important: PackageKit security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:11635", "synopsis": "Important: PackageKit security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for PackageKit.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architecture API.\n\nSecurity Fix(es):\n\n* PackageKit: race condition vulnerability leads to arbitrary package installation as root (CVE-2026-41651)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2460604", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2460604", "description": ""}], "cves": [{"name": "CVE-2026-41651", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41651", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-367"}], "references": [], "publishedAt": "2026-04-30T18:01:05.380956Z", "rpms": {"Rocky Linux 8": {"nvras": ["PackageKit-0:1.1.12-8.el8_10.aarch64.rpm", "PackageKit-0:1.1.12-8.el8_10.i686.rpm", "PackageKit-0:1.1.12-8.el8_10.src.rpm", "PackageKit-0:1.1.12-8.el8_10.x86_64.rpm", "PackageKit-command-not-found-0:1.1.12-8.el8_10.aarch64.rpm", "PackageKit-command-not-found-0:1.1.12-8.el8_10.x86_64.rpm", "PackageKit-command-not-found-debuginfo-0:1.1.12-8.el8_10.aarch64.rpm", "PackageKit-command-not-found-debuginfo-0:1.1.12-8.el8_10.x86_64.rpm", "PackageKit-cron-0:1.1.12-8.el8_10.aarch64.rpm", 
"PackageKit-cron-0:1.1.12-8.el8_10.x86_64.rpm","PackageKit-debuginfo-0:1.1.12-8.el8_10.aarch64.rpm", "PackageKit-debuginfo-0:1.1.12-8.el8_10.i686.rpm", "PackageKit-debuginfo-0:1.1.12-8.el8_10.x86_64.rpm", "PackageKit-debugsource-0:1.1.12-8.el8_10.aarch64.rpm", "PackageKit-debugsource-0:1.1.12-8.el8_10.i686.rpm", "PackageKit-debugsource-0:1.1.12-8.el8_10.x86_64.rpm", "PackageKit-glib-0:1.1.12-8.el8_10.aarch64.rpm", "PackageKit-glib-0:1.1.12-8.el8_10.i686.rpm", "PackageKit-glib-0:1.1.12-8.el8_10.x86_64.rpm", "PackageKit-glib-debuginfo-0:1.1.12-8.el8_10.aarch64.rpm", "PackageKit-glib-debuginfo-0:1.1.12-8.el8_10.i686.rpm", "PackageKit-glib-debuginfo-0:1.1.12-8.el8_10.x86_64.rpm", "PackageKit-glib-devel-0:1.1.12-8.el8_10.aarch64.rpm", "PackageKit-glib-devel-0:1.1.12-8.el8_10.i686.rpm", "PackageKit-glib-devel-0:1.1.12-8.el8_10.x86_64.rpm", "PackageKit-gstreamer-plugin-0:1.1.12-8.el8_10.aarch64.rpm", "PackageKit-gstreamer-plugin-0:1.1.12-8.el8_10.x86_64.rpm", "PackageKit-gstreamer-plugin-debuginfo-0:1.1.12-8.el8_10.aarch64.rpm", "PackageKit-gstreamer-plugin-debuginfo-0:1.1.12-8.el8_10.x86_64.rpm", "PackageKit-gtk3-module-0:1.1.12-8.el8_10.aarch64.rpm", "PackageKit-gtk3-module-0:1.1.12-8.el8_10.i686.rpm", "PackageKit-gtk3-module-0:1.1.12-8.el8_10.x86_64.rpm", "PackageKit-gtk3-module-debuginfo-0:1.1.12-8.el8_10.aarch64.rpm", "PackageKit-gtk3-module-debuginfo-0:1.1.12-8.el8_10.i686.rpm", "PackageKit-gtk3-module-debuginfo-0:1.1.12-8.el8_10.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Important security update for PackageKit resolves an arbitrary installation threat in Rocky Linux 8. A must-read advisory.. PackageKit security update, Rocky Linux 8, CVSS score, security threat. . Severity: Important. LinuxSecurity.com Team
Important: PackageKit security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:11504", "synopsis": "Important: PackageKit security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for PackageKit.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architecture API.\n\nSecurity Fix(es):\n\n* PackageKit: race condition vulnerability leads to arbitrary package installation as root (CVE-2026-41651)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2460604", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2460604", "description": ""}], "cves": [{"name": "CVE-2026-41651", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-41651", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "cvss3BaseScore": "8.8", "cwe": "CWE-367"}], "references": [], "publishedAt": "2026-04-30T12:03:33.126838Z", "rpms": {"Rocky Linux 9": {"nvras": ["PackageKit-0:1.2.6-2.el9_7.aarch64.rpm", "PackageKit-0:1.2.6-2.el9_7.ppc64le.rpm", "PackageKit-0:1.2.6-2.el9_7.s390x.rpm", "PackageKit-0:1.2.6-2.el9_7.src.rpm", "PackageKit-0:1.2.6-2.el9_7.x86_64.rpm", "PackageKit-command-not-found-0:1.2.6-2.el9_7.aarch64.rpm", "PackageKit-command-not-found-0:1.2.6-2.el9_7.ppc64le.rpm", "PackageKit-command-not-found-0:1.2.6-2.el9_7.s390x.rpm", "PackageKit-command-not-found-0:1.2.6-2.el9_7.x86_64.rpm", 
"PackageKit-command-not-found-debuginfo-0:1.2.6-2.el9_7.aarch64.rpm","PackageKit-command-not-found-debuginfo-0:1.2.6-2.el9_7.ppc64le.rpm", "PackageKit-command-not-found-debuginfo-0:1.2.6-2.el9_7.s390x.rpm", "PackageKit-command-not-found-debuginfo-0:1.2.6-2.el9_7.x86_64.rpm", "PackageKit-debuginfo-0:1.2.6-2.el9_7.aarch64.rpm", "PackageKit-debuginfo-0:1.2.6-2.el9_7.i686.rpm", "PackageKit-debuginfo-0:1.2.6-2.el9_7.ppc64le.rpm", "PackageKit-debuginfo-0:1.2.6-2.el9_7.s390x.rpm", "PackageKit-debuginfo-0:1.2.6-2.el9_7.x86_64.rpm", "PackageKit-debugsource-0:1.2.6-2.el9_7.aarch64.rpm", "PackageKit-debugsource-0:1.2.6-2.el9_7.i686.rpm", "PackageKit-debugsource-0:1.2.6-2.el9_7.ppc64le.rpm", "PackageKit-debugsource-0:1.2.6-2.el9_7.s390x.rpm", "PackageKit-debugsource-0:1.2.6-2.el9_7.x86_64.rpm", "PackageKit-glib-0:1.2.6-2.el9_7.aarch64.rpm", "PackageKit-glib-0:1.2.6-2.el9_7.i686.rpm", "PackageKit-glib-0:1.2.6-2.el9_7.ppc64le.rpm", "PackageKit-glib-0:1.2.6-2.el9_7.s390x.rpm", "PackageKit-glib-0:1.2.6-2.el9_7.x86_64.rpm", "PackageKit-glib-debuginfo-0:1.2.6-2.el9_7.aarch64.rpm", "PackageKit-glib-debuginfo-0:1.2.6-2.el9_7.i686.rpm", "PackageKit-glib-debuginfo-0:1.2.6-2.el9_7.ppc64le.rpm", "PackageKit-glib-debuginfo-0:1.2.6-2.el9_7.s390x.rpm", "PackageKit-glib-debuginfo-0:1.2.6-2.el9_7.x86_64.rpm", "PackageKit-glib-devel-0:1.2.6-2.el9_7.aarch64.rpm", "PackageKit-glib-devel-0:1.2.6-2.el9_7.i686.rpm", "PackageKit-glib-devel-0:1.2.6-2.el9_7.ppc64le.rpm", "PackageKit-glib-devel-0:1.2.6-2.el9_7.s390x.rpm", "PackageKit-glib-devel-0:1.2.6-2.el9_7.x86_64.rpm", "PackageKit-gstreamer-plugin-0:1.2.6-2.el9_7.aarch64.rpm", "PackageKit-gstreamer-plugin-0:1.2.6-2.el9_7.ppc64le.rpm", "PackageKit-gstreamer-plugin-0:1.2.6-2.el9_7.x86_64.rpm", "PackageKit-gstreamer-plugin-debuginfo-0:1.2.6-2.el9_7.aarch64.rpm", "PackageKit-gstreamer-plugin-debuginfo-0:1.2.6-2.el9_7.ppc64le.rpm", "PackageKit-gstreamer-plugin-debuginfo-0:1.2.6-2.el9_7.x86_64.rpm", "PackageKit-gtk3-module-0:1.2.6-2.el9_7.aarch64.rpm", 
"PackageKit-gtk3-module-0:1.2.6-2.el9_7.ppc64le.rpm", "PackageKit-gtk3-module-0:1.2.6-2.el9_7.s390x.rpm","PackageKit-gtk3-module-0:1.2.6-2.el9_7.x86_64.rpm", "PackageKit-gtk3-module-debuginfo-0:1.2.6-2.el9_7.aarch64.rpm", "PackageKit-gtk3-module-debuginfo-0:1.2.6-2.el9_7.ppc64le.rpm", "PackageKit-gtk3-module-debuginfo-0:1.2.6-2.el9_7.s390x.rpm", "PackageKit-gtk3-module-debuginfo-0:1.2.6-2.el9_7.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. This advisory outlines an important security update for PackageKit on Rocky Linux, addressing a race condition vulnerability.. PackageKit update, Rocky Linux security, Important advisory. . Severity: Important. LinuxSecurity.com Team
An attacker could trick APT into installing altered packages.. =========================================================================Ubuntu Security Notice USN-3863-2 January 22, 2019 apt vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 ESM Summary: An attacker could trick APT into installing altered packages. Software Description: - apt: Advanced front-end for dpkg Details: USN-3863-1 fixed a vulnerability in APT. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Max Justicz discovered that APT incorrectly handled certain parameters during redirects. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 ESM: apt 0.8.16~exp12ubuntu10.28 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-3863-2 https://ubuntu.com/security/notices/USN-3863-1 CVE-2019-3462 . Alert bulletin addresses a cybersecurity risk impacting Ubuntu 12.04 ESM, providing guidance on how to apply necessary patches.. APT Vulnerability, Ubuntu Security Notice, Package Alterations. . Severity: Critical. LinuxSecurity.com Team
An attacker could trick APT into installing altered packages.. =========================================================================Ubuntu Security Notice USN-3746-1 August 20, 2018 apt vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS Summary: An attacker could trick APT into installing altered packages. Software Description: - apt: Advanced front-end for dpkg Details: It was discovered that APT incorrectly handled the mirror method (mirror://). If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages in environments configured to use mirror:// entries. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: apt 1.6.3ubuntu0.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-3746-1 CVE-2018-0501 Package Information: https://launchpad.net/ubuntu/+source/apt/1.6.3ubuntu0.1 . It's crucial to upgrade Ubuntu 18.04 LTS to address the APT security flaw that may lead to compromised package installations. Ensure your system is safeguarded.. APT Vulnerability, Ubuntu Update, Man-In-The-Middle Threat. . Severity: Critical. LinuxSecurity.com Team
It was discovered that unattended-upgrades, a script for automatic installation of security upgrades, did not properly authenticate downloaded packages when the force-confold or force-confnew dpkg options were enabled via the DPkg::Options::* apt configuration. . - ------------------------------------------------------------------------- Debian Security Advisory DSA-3297-1
It was discovered that the Ubuntu image shipped on some Dell Latitude 2110 systems was accidentally configured to allow unauthenticated package installations. A remote attacker intercepting network communications or a malicious archive mirror server could exploit this to trick the user into installing unsigned packages, resulting in arbitrary code execution. ==========================================================Ubuntu Security Notice USN-968-1 August 05, 2010 base-files vulnerability CVE-2010-0834 ========================================================== A security issue affects the following Ubuntu releases: Ubuntu 9.10 Ubuntu 10.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 9.10: base-files 5.0.0ubuntu7.1 Ubuntu 10.04 LTS: base-files 5.0.0ubuntu20.10.04.2 In general, a standard system update will make all the necessary changes. Details follow: It was discovered that the Ubuntu image shipped on some Dell Latitude 2110 systems was accidentally configured to allow unauthenticated package installations. A remote attacker intercepting network communications or a malicious archive mirror server could exploit this to trick the user into installing unsigned packages, resulting in arbitrary code execution with root privileges. 
Dell Latitude 2110 devices are exposed to a flaw that allows improper software installations, creating a threat to system security.. Dell Latitude 2110, Ubuntu Critical Issues, Package Installation Flaw. . Severity: Critical. LinuxSecurity.com Team
Packages updated to load with the latest FC5 kernel (2.6.16-1.2096_FC5). ---------------------------------------------------------------------Fedora Update Notification FEDORA-2006-431 2006-04-27 ---------------------------------------------------------------------Product : Fedora Core 5 Name : cman-kernel Version : 2.6.15.1 Release : 0.FC5.19 Summary : cman-kernel - The Cluster Manager kernel modules Description : cman-kernel - The Cluster Manager kernel modules ---------------------------------------------------------------------Update Information: Packages updated to load with the latest FC5 kernel (2.6.16-1.2096_FC5) ------------------------------------------------------------------------------------------------------------------------------------------This update can be downloaded from: This update can be installed with the 'yum' update program. 
Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at . ----------------------------------------------------------------------- fedora-announce-list mailing list
Updated package.. ---------------------------------------------------------------------Fedora Update Notification FEDORA-2005-300 2005-04-04 ---------------------------------------------------------------------Product : Fedora Core 3 Name : words Version : 3.0 Release : 2.2 Summary : A dictionary of English words for the /usr/share/dict directory. Description : The words file is a dictionary of English words for the /usr/share/dict directory. Some programs use this database of words to check spelling. Password checkers use it to look for bad passwords. ---------------------------------------------------------------------* Mon Apr 4 2005 Karel Zak 3-2.2 - sort with --ignore-case (#147949) ---------------------------------------------------------------------This update can be downloaded from: 95eec17a39d1249675c01f743e4ea31f SRPMS/words-3.0-2.2.src.rpm 5106a950ca5959c1961c1454e9628ea6 x86_64/words-3.0-2.2.noarch.rpm 5106a950ca5959c1961c1454e9628ea6 i386/words-3.0-2.2.noarch.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. -----------------------------------------------------------------------fedora-announce-list mailing list