Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 524
Alerts This Week
Warning Icon 1 524

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 227 articles for you...
87

Debian Bookworm Linux Critical Local Escalation DSA-6275-1 CVE-2026-46333

One vulnerability has been discovered in the Linux kernel that may lead to a local privilege escalation. For the oldstable distribution (bookworm), this problem has been fixed in version 6.1.172-1. We recommend that you upgrade your linux packages.. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6275-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Salvatore Bonaccorso May 15, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : linux CVE ID : CVE-2026-46333 One vulnerability has been discovered in the Linux kernel that may lead to a local privilege escalation. For the oldstable distribution (bookworm), this problem has been fixed in version 6.1.172-1. We recommend that you upgrade your linux packages. For the detailed security status of linux please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . A critical local privilege escalation vulnerability in the Linux kernel for Debian oldstable bookworm requires immediate upgrade.. Debian security advisory, Linux kernel update, privilege escalation. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 May 15, 2026 Critical Debian
87

Debian DSA-6262-1 lcms2 Important Integer Overflow Advisory

Two integer overflows were discovered in the LittleCMS 2 colour management library. For the oldstable distribution (bookworm), this problem has been fixed in version 2.14-2+deb12u1. For the stable distribution (trixie), this problem has been fixed in. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6262-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff May 10, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : lcms2 CVE ID : CVE-2026-41254 CVE-2026-42798 Two integer overflows were discovered in the LittleCMS 2 colour management library. For the oldstable distribution (bookworm), this problem has been fixed in version 2.14-2+deb12u1. For the stable distribution (trixie), this problem has been fixed in version 2.16-2+deb13u2. We recommend that you upgrade your lcms2 packages. For the detailed security status of lcms2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/lcms2 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Integer overflows fixed in lcms2 library for Debian distributions. Upgrade recommended for stability.. Debian DSA-6262-1 lcms2 integer overflow package update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 May 10, 2026 Important Debian
217

Oracle Linux 8: ELSA-2025-7569 critical: yelp library fix

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-7569 http://linux.oracle.com/errata/ELSA-2025-7569.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: yelp-3.28.1-3.el8_10.1.x86_64.rpm yelp-libs-3.28.1-3.el8_10.1.i686.rpm yelp-libs-3.28.1-3.el8_10.1.x86_64.rpm yelp-xsl-3.28.0-2.el8_10.1.noarch.rpm yelp-devel-3.28.1-3.el8_10.1.i686.rpm yelp-devel-3.28.1-3.el8_10.1.x86_64.rpm aarch64: yelp-3.28.1-3.el8_10.1.aarch64.rpm yelp-libs-3.28.1-3.el8_10.1.aarch64.rpm yelp-xsl-3.28.0-2.el8_10.1.noarch.rpm yelp-devel-3.28.1-3.el8_10.1.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//yelp-3.28.1-3.el8_10.1.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//yelp-xsl-3.28.0-2.el8_10.1.src.rpm Related CVEs: CVE-2025-3155 Description of changes: yelp [2:3.28.1-3.1] - Fix CVE-2025-3155 (RHEL-85922) yelp-xsl [3.28.0-2.1] - Fix CVE-2025-3155 (RHEL-85922) _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Critical security update for Oracle Linux targets CVE-2025-3155 affecting yelp and yelp-xsl packages.. Oracle Linux Updates, Yelp Security Patch, IT Security Advisory, Linux Security Fix. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 May 16, 2025 Critical Oracle
99

Slackware: 2025-072-01: libxslt Security Advisory Update

New libxslt packages are available for Slackware 15.0 and -current to fix security issues. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] libxslt (SSA:2025-072-01) New libxslt packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/libxslt-1.1.43-i586-1_slack15.0.txz: Upgraded. This update addresses some security issues. Fix use-after-free of XPath context node. Fix UAF related to excluded namespaces. For more information, see: https://www.cve.org/CVERecord?id=CVE-2025-24855 https://www.cve.org/CVERecord?id=CVE-2024-55549 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/libxslt-1.1.43-i586-1_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/libxslt-1.1.43-x86_64-1_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/libxslt-1.1.43-i686-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/libxslt-1.1.43-x86_64-1.txz MD5 signatures: +-------------+ Slackware 15.0 package: f1d1d2e5486264bdb2a74a503b895778 libxslt-1.1.43-i586-1_slack15.0.txz Slackware x86_64 15.0 package: 541444169a37a7b5a95a4eaab902cfca libxslt-1.1.43-x86_64-1_slack15.0.txz Slackware -current package: eeac82872efa4ab96e496f8cdfdca5c3 l/libxslt-1.1.43-i686-1.txz Slackware x86_64 -current package: dc967349f714ec44bafee793def22bd5 l/libxslt-1.1.43-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg libxslt-1.1.43-i586-1_slack15.0.txz +-----+ . New libxslt packages for Slackware 15.0 fix important security issues related to use-after-free vulnerabilities.. libxslt, packages, slackware, -current, security, -----begi. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Mar 13, 2025 Important Slackware
99

Slackware 15.0 Libarchive Security Advisory 2024-258-01: Critical Fixes

New libarchive packages are available for Slackware 15.0 and -current to fix security issues. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] libarchive (SSA:2024-258-01) New libarchive packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/libarchive-3.7.5-i586-1_slack15.0.txz: Upgraded. This update fixes the following security issues: fix multiple vulnerabilities identified by SAST (#2251, #2256) cpio: ignore out-of-range gid/uid/size/ino and harden AFIO parsing (#2258) lzop: prevent integer overflow (#2174) rar4: protect copy_from_lzss_window_to_unp() (#2172, CVE-2024-20696) rar4: fix CVE-2024-26256 (#2269) rar4: fix OOB in delta and audio filter (#2148, #2149) rar4: fix out of boundary access with large files (#2179) rar4: add boundary checks to rgb filter (#2210) rar4: fix OOB access with unicode filenames (#2203) rar5: clear 'data ready' cache on window buffer reallocs (#2265) rpm: calculate huge header sizes correctly (#2158) unzip: unify EOF handling (#2175) util: fix out of boundary access in mktemp functions (#2160) uu: stop processing if lines are too long (#2168) For more information, see: https://www.cve.org/CVERecord?id=CVE-2024-20696 https://www.cve.org/CVERecord?id=CVE-2024-26256 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you. Updated package for Slackware 15.0: Updated package for Slackware x86_64 15.0: Updated package for Slackware -current: Updated package for Slackware x86_64 -current: MD5 signatures: +-------------+ Slackware 15.0 package: f3b7cdacc3d264f4bcc20f078c0c22b4 libarchive-3.7.5-i586-1_slack15.0.txz Slackware x86_64 15.0 package: 2845ee62628435d7995d5351d6e84e79 libarchive-3.7.5-x86_64-1_slack15.0.txz Slackware -current package: cb11536dc6673f3c6b848229129d0363 l/libarchive-3.7.5-i686-1.txz Slackware x86_64 -current package: 35ec40489069558505b9db8bd66ca2c2 l/libarchive-3.7.5-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg libarchive-3.7.5-i586-1_slack15.0.txz +-----+ . New libarchive packages for Slackware 15.0 tackle various security concerns. Upgrading is advised for system protection.. libarchive Update, Slackware Security, Package Upgrade, SAST Issues, Linux Security Advisory. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Sep 14, 2024 Critical Slackware
99

Slackware 15.0: SSA:2024-200-01 Moderate: Apache httpd Security Fix

New httpd packages are available for Slackware 15.0 and -current to fix security issues. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] httpd (SSA:2024-200-01) New httpd packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/httpd-2.4.62-i586-1_slack15.0.txz: Upgraded. This release contains security fixes and improvements. The first CVE is for Windows, but the second one is an additional fix for the source code disclosure regression when using AddType. Users are recommended to upgrade to version 2.4.62 which fixes this issue. For more information, see: https://www.cve.org/CVERecord?id=CVE-2024-40898 https://www.cve.org/CVERecord?id=CVE-2024-40725 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/httpd-2.4.62-i586-1_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/httpd-2.4.62-x86_64-1_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/httpd-2.4.62-i586-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/httpd-2.4.62-x86_64-1.txz MD5 signatures: +-------------+ Slackware 15.0 package: 26f16142dba75d509e78213ca5b78258 httpd-2.4.62-i586-1_slack15.0.txz Slackware x86_64 15.0 package: ebaaed99b90d8085efd2ade4e61dec98 httpd-2.4.62-x86_64-1_slack15.0.txz Slackware -currentpackage: c07f7b99705234a02bc0abbfe24c77e6 n/httpd-2.4.62-i586-1.txz Slackware x86_64 -current package: 963391e1167fa2b20f31f222f23d90ae n/httpd-2.4.62-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg httpd-2.4.62-i586-1_slack15.0.txz Then, restart Apache httpd: # /etc/rc.d/rc.httpd stop # /etc/rc.d/rc.httpd start +-----+ . Updated httpd packages for Slackware 15.0 released to mitigate serious security vulnerabilities and enhance stability through latest improvements.. Slackware httpd package upgrade, security advisory, apache fix, software update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 18, 2024 Important Slackware
89

Fedora 39: FEDORA-2024-40ee18b2e7 Moderate: Rust-CPC Denial-Of-Service

This update contains builds from a mini-mass-rebuild for Rust applications (and some C-style libraries). Rebuilding with the Rust 1.78 toolchain should fix incomplete debug information for the Rust standard library (and the resulting low-quality stack traces). Additionally, builds will have picked up fixes for some minor low-priority. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-40ee18b2e7 2024-06-02 03:36:56.060441 -------------------------------------------------------------------------------- Name : rust-cpc Product : Fedora 39 Version : 1.9.3 Release : 3.fc39 URL : Summary : Evaluates math expressions, with support for units and conversion between units Description : Evaluates math expressions, with support for units and conversion between units. -------------------------------------------------------------------------------- Update Information: This update contains builds from a mini-mass-rebuild for Rust applications (and some C-style libraries). Rebuilding with the Rust 1.78 toolchain should fix incomplete debug information for the Rust standard library (and the resulting low-quality stack traces). Additionally, builds will have picked up fixes for some minor low-priority security and / or safety fixes in crate dependencies that had not yet been handled via a separate (targeted) rebuild: h2 v0.3.26+ (denial-of-service): https://rustsec.org/advisories/RUSTSEC-2024-0332.html glib v0.19.4+ and backports (UB): core/pull/1343 hashbrown v0.14.5+ (UB): https://github.com/rust-lang/hashbrown/pull/511 rustls v0.22.4+, v0.21.11+ (denial-of-service): https://rustsec.org/advisories/RUSTSEC-2024-0336.html -------------------------------------------------------------------------------- ChangeLog: * Thu May 23 2024 Fabio Valentini - 1.9.3-3 - Rebuild with Rust 1.78 to fix incomplete debuginfo and backtraces * Fri Jan 26 2024 Fedora Release Engineering - 1.9.3-2 -Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-40ee18b2e7' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: . The latest Fedora 39 enhancements for rust-cpc boost debugging capabilities and address several minor vulnerabilities stemming from a comprehensive rebuild procedure.. Rust Applications,Fedora Updates,Security Fixes. . LinuxSecurity.com Team

Calendar%202 Jun 02, 2024 Fedora
89

Fedora 40 FEDORA-2024-ce2936b568 Critical: rust-uu_rm Denial Of Service Fix

This update contains builds from a mini-mass-rebuild for Rust applications (and some C-style libraries). Rebuilding with the Rust 1.78 toolchain should fix incomplete debug information for the Rust standard library (and the resulting low-quality stack traces). Additionally, builds will have picked up fixes for some minor low-priority. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-ce2936b568 2024-05-26 01:25:15.719720 -------------------------------------------------------------------------------- Name : rust-uu_rm Product : Fedora 40 Version : 0.0.23 Release : 3.fc40 URL : Summary : rm ~ (uutils) remove PATHNAME Description : rm ~ (uutils) remove PATHNAME. -------------------------------------------------------------------------------- Update Information: This update contains builds from a mini-mass-rebuild for Rust applications (and some C-style libraries). Rebuilding with the Rust 1.78 toolchain should fix incomplete debug information for the Rust standard library (and the resulting low-quality stack traces). Additionally, builds will have picked up fixes for some minor low-priority security and / or safety fixes in crate dependencies that had not yet been handled via a separate (targeted) rebuild: h2 v0.3.26+ (denial-of-service): https://rustsec.org/advisories/RUSTSEC-2024-0332.html glib v0.19.4+ and backports (UB): core/pull/1343 hashbrown v0.14.5+ (UB): https://github.com/rust-lang/hashbrown/pull/511 rustls v0.22.4+, v0.21.11+ (denial-of-service): https://rustsec.org/advisories/RUSTSEC-2024-0336.html -------------------------------------------------------------------------------- ChangeLog: * Thu May 23 2024 Fabio Valentini - 0.0.23-3 - Rebuild with Rust 1.78 to fix incomplete debuginfo and backtraces -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnfupgrade --advisory FEDORA-2024-ce2936b568' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: . The recent Fedora enhancement for rust-uu_rm introduces vital corrections and upgrades aimed at boosting both safety measures and system efficiency.. Fedora Security Advisory, Rust Update, DoS Patch, C-Style Libraries. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 May 26, 2024 Critical Fedora
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200