
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Ubuntu 24.04 LTS Pagure Critical Security Flaws USN-7984-1

==========================================================================
Ubuntu Security Notice USN-7984-1
January 29, 2026

pagure vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in Pagure.

Software Description:
- pagure: A git-centered forge using pygit2

Details:

Thomas Chauchefoin discovered that Pagure incorrectly handled symbolic links in Git repositories. A remote attacker could possibly use this issue to cause Pagure to expose files outside the intended repository boundaries. (CVE-2024-4981)

Thomas Chauchefoin discovered that Pagure did not properly sanitize path inputs. A remote attacker could possibly use this issue to read arbitrary files. (CVE-2024-4982)

Thomas Chauchefoin discovered that Pagure incorrectly handled symbolic links during repository archiving. A remote attacker could possibly use this issue to disclose local files on the server. (CVE-2024-47515)

Thomas Chauchefoin discovered that Pagure incorrectly handled certain inputs. A remote attacker could possibly use this issue to execute arbitrary code on the server. (CVE-2024-47516)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.04 LTS
  pagure 5.11.3+dfsg-2.1ubuntu0.2

Ubuntu 22.04 LTS
  pagure 5.11.3+dfsg-1ubuntu0.1

Ubuntu 20.04 LTS
  pagure 5.8.1+dfsg-3ubuntu0.1~esm1
  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7984-1
  CVE-2024-47515, CVE-2024-47516, CVE-2024-4981, CVE-2024-4982

Package Information:
  https://launchpad.net/ubuntu/+source/pagure/5.11.3+dfsg-2.1ubuntu0.2
  https://launchpad.net/ubuntu/+source/pagure/5.11.3+dfsg-1ubuntu0.1

Multiple security flaws in Pagure on Ubuntu allow attackers to read files and execute arbitrary code.

Severity: Critical. LinuxSecurity.com Team

Feb 04, 2026 | Critical | Ubuntu

Debian 11: Pagure Critical Issues DLA-4390-1 CVE-2024-4981 CVE-2024-4982

-------------------------------------------------------------------------
Debian LTS Advisory DLA-4390-1
https://www.debian.org/lts/security/
Daniel Leidert
December 01, 2025
https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package   : pagure
Version   : 5.11.3+dfsg-1+deb11u1
CVE ID    : CVE-2024-4981 CVE-2024-4982 CVE-2024-47515 CVE-2024-47516
Debian Bug: 1091383

Multiple vulnerabilities have been discovered in Pagure, a Git-centered code hosting system (forge).

CVE-2024-4981

    The function _update_file_in_git() follows symbolic links in temporary clones. The fix is to bail out if a file path is outside the temp repo or inside the '.git/' folder to avoid data leak and unauthorized changes in files or git config.

CVE-2024-4982

    Path traversal in view_issue_raw_file().

CVE-2024-47515

    The generate_archive() function follows symbolic links in temporary clones. The fix is to add the actual link rather than the target content to the zip archive.

CVE-2024-47516

    Fix an injection of additional options to the Git command-line during retrieval of the repository history to prevent remote code execution.

For Debian 11 bullseye, these problems have been fixed in version 5.11.3+dfsg-1+deb11u1.

We recommend that you upgrade your pagure packages.

For the detailed security status of pagure please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/pagure

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at:
https://wiki.debian.org/LTS

Multiple vulnerabilities found in Pagure, affecting Debian LTS. Critical security issues require immediate updates to prevent risks.

Severity: Critical. LinuxSecurity.com Team

Dec 01, 2025 | Critical | Debian LTS

Mageia 7: 2021-0206 Important Advisory for Pagure XSS Threat

MGASA-2021-0206 - Updated pagure packages fix a security vulnerability

Publication date: 07 May 2021
URL: https://advisories.mageia.org/MGASA-2021-0206.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2019-11556

Pagure before 5.6 allows XSS via the templates/blame.html blame view.

References:
- https://bugs.mageia.org/show_bug.cgi?id=27487
- https://bugzilla.suse.com/show_bug.cgi?id=1176987
- https://pagure.io/pagure/c/31a0d2950ed409550074ca52ba492f9b87ec3318
- https://www.cve.org/CVERecord?id=CVE-2019-11556

SRPMS:
- 7/core/pagure-5.5-1.1.mga7

Recent updates to Pagure packages tackle a critical XSS security flaw in Mageia, providing solutions for vulnerabilities discovered on 07 May 2021.

Severity: Important. LinuxSecurity.com Team

May 07, 2021 | Important | Mageia

openSUSE: 2020:1810-1 moderate vulnerability: pagure XSS resolution

openSUSE Security Update: Security update for pagure
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2020:1810-1
Rating:             moderate
References:         #1176987
Cross-References:   CVE-2019-11556
Affected Products:  openSUSE Backports SLE-15-SP1
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for pagure fixes the following issues:

- CVE-2019-11556: Fixed XSS via the templates/blame.html blame view (boo#1176987)

This update was imported from the openSUSE:Leap:15.1:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP1:

    zypper in -t patch openSUSE-2020-1810=1

Package List:

- openSUSE Backports SLE-15-SP1 (noarch):

    pagure-5.5-bp151.2.3.1
    pagure-ci-5.5-bp151.2.3.1
    pagure-ev-5.5-bp151.2.3.1
    pagure-loadjson-5.5-bp151.2.3.1
    pagure-logcom-5.5-bp151.2.3.1
    pagure-milters-5.5-bp151.2.3.1
    pagure-mirror-5.5-bp151.2.3.1
    pagure-theme-chameleon-5.5-bp151.2.3.1
    pagure-theme-default-openSUSE-5.5-bp151.2.3.1
    pagure-theme-default-upstream-5.5-bp151.2.3.1
    pagure-theme-pagureio-5.5-bp151.2.3.1
    pagure-theme-srcfpo-5.5-bp151.2.3.1
    pagure-theme-upstream-5.5-bp151.2.3.1
    pagure-webhook-5.5-bp151.2.3.1

References:

    https://www.suse.com/security/cve/CVE-2019-11556.html
    https://bugzilla.suse.com/1176987

openSUSE announces a critical patch for pagure, tackling identified XSS security flaws and offering step-by-step update guidelines.

LinuxSecurity.com Team

Nov 01, 2020 | OpenSUSE

openSUSE Leap 15.1: openSUSE-SU-2020:1765-1 Moderate: Pagure XSS Issue

openSUSE Security Update: Security update for pagure
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2020:1765-1
Rating:             moderate
References:         #1176987
Cross-References:   CVE-2019-11556
Affected Products:  openSUSE Leap 15.1
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for pagure fixes the following issues:

- CVE-2019-11556: Fixed XSS via the templates/blame.html blame view (boo#1176987)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.1:

    zypper in -t patch openSUSE-2020-1765=1

Package List:

- openSUSE Leap 15.1 (noarch):

    pagure-5.5-lp151.2.3.1
    pagure-ci-5.5-lp151.2.3.1
    pagure-ev-5.5-lp151.2.3.1
    pagure-loadjson-5.5-lp151.2.3.1
    pagure-logcom-5.5-lp151.2.3.1
    pagure-milters-5.5-lp151.2.3.1
    pagure-mirror-5.5-lp151.2.3.1
    pagure-theme-chameleon-5.5-lp151.2.3.1
    pagure-theme-default-openSUSE-5.5-lp151.2.3.1
    pagure-theme-default-upstream-5.5-lp151.2.3.1
    pagure-theme-pagureio-5.5-lp151.2.3.1
    pagure-theme-srcfpo-5.5-lp151.2.3.1
    pagure-theme-upstream-5.5-lp151.2.3.1
    pagure-webhook-5.5-lp151.2.3.1

References:

    https://www.suse.com/security/cve/CVE-2019-11556.html
    https://bugzilla.suse.com/1176987

Critical medium openSUSE patch for pagure addresses CSRF flaw with Advisory ID openSUSE-SU-2021:1789-1.

LinuxSecurity.com Team

Oct 29, 2020 | OpenSUSE

Fedora 29: Security Advisory for Pagure 5.3 Moderate API Key Leak

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-4e72b179e4
2019-02-24 02:32:36.926170
--------------------------------------------------------------------------------

Name        : pagure
Product     : Fedora 29
Version     : 5.3
Release     : 1.fc29
URL         : https://pagure.io/pagure
Summary     : A git-centered forge
Description :
Pagure is a light-weight git-centered forge based on pygit2. Currently, Pagure offers a web-interface for git repositories, a ticket system and possibilities to create new projects, fork existing ones and create/merge pull-requests across or within projects.

--------------------------------------------------------------------------------
Update Information:

Update to Pagure 5.3, which includes the fix for CVE-2019-7628.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 22 2019 Neal Gompa - 5.3-1
- Update to 5.3
- Add weak dependencies for supported database client libraries
- Use macros consistently in the spec
* Fri Feb 1 2019 Fedora Release Engineering - 5.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Mon Jan 7 2019 Neal Gompa - 5.2-2
- Ensure all shebangs are set to the correct Python version
- Fix RHEL conditionals to account for EL8
- Fix pygit2 dependency for EL7
* Mon Jan 7 2019 Neal Gompa - 5.2-1
- Update to 5.2
* Fri Dec 14 2018 Neal Gompa - 5.1.4-2
- Backport fix from master to add compatibility with Markdown 3.0+
- Backport fix from master to properly skip legacy hooks
* Tue Oct 30 2018 Neal Gompa - 5.1.4-1
- Update to 5.1.4
* Thu Oct 11 2018 Neal Gompa - 5.1.3-1
- Update to 5.1.3 (RH#1638470)
* Tue Oct 9 2018 Neal Gompa - 5.1.1-1
- Update to 5.1.1 (RH#1637595)
* Tue Oct 9 2018 Neal Gompa - 5.1-1
- Update to 5.1(RH#1637516)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1673985 - CVE-2019-7628: Pagure version 5.2 leaks API keys by e-mail [fedora-29]
        https://bugzilla.redhat.com/show_bug.cgi?id=1673985
  [ 2 ] Bug #1680027 - pagure-5.3 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1680027
  [ 3 ] Bug #1673984 - CVE-2019-7628: Pagure version 5.2 leaks API keys by e-mail [fedora-rawhide]
        https://bugzilla.redhat.com/show_bug.cgi?id=1673984
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-4e72b179e4' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------

LinuxSecurity.com Team

Feb 24, 2019 | Fedora