--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-43a0bff5ea
2025-11-03 01:00:54.501352+00:00
--------------------------------------------------------------------------------

Name        : rust-interpolator
Product     : Fedora 41
Version     : 0.5.0
Release     : 3.fc41
URL         : https://crates.io/crates/interpolator
Summary     : Runtime format strings, fully compatible with std's macros
Description :
Runtime format strings, fully compatible with std's macros.

--------------------------------------------------------------------------------
Update Information:

uv 0.9.5
https://github.com/astral-sh/uv/blob/0.9.5/CHANGELOG.md
Since uv was built with astral-tokio-tar 0.5.6, this is a security fix for
CVE-2025-62518.

ruff 0.14.2
https://github.com/astral-sh/ruff/blob/0.14.2/CHANGELOG.md

rust-astral-tokio-tar 0.5.6
Fixed a parser desynchronization vulnerability when reading tar archives that
contain mismatched size information in PAX/ustar headers. This vulnerability is
being tracked as GHSA-j5gw-2vrg-8fgx and CVE-2025-62518.

Initial package for python-uv-build in Fedora 42.
Initial packages for a number of new dependencies for ruff and uv.
Update rust-tikv-jemallocator and rust-tikv-jemalloc-sys to 0.6.1.
Patch openapi-python-client to allow ruff 0.14.

--------------------------------------------------------------------------------
ChangeLog:

* Sat Oct 4 2025 Benjamin A. Beasley - 0.5.0-3
- Omit some unnecessary dev-dependencies
* Sat Oct 4 2025 Benjamin A. Beasley - 0.5.0-2
- No longer allow proptest-derive 0.5
* Thu Oct 2 2025 Benjamin A. Beasley - 0.5.0-1
- Initial package (close RHBZ#2398112)

--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2360699 - ruff-0.14.1 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2360699
[ 2 ] Bug #2402441 - rust-reqsign-core-2.0.0 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2402441
[ 3 ] Bug #2402442 - rust-reqsign-command-execute-tokio-2.0.0 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2402442
[ 4 ] Bug #2402443 - rust-reqsign-http-send-reqwest-2.0.0 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2402443
[ 5 ] Bug #2402881 - python-uv-build-0.9.5 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2402881
[ 6 ] Bug #2402923 - uv-0.9.5 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2402923
[ 7 ] Bug #2405471 - CVE-2025-62518 rust-astral-tokio-tar: astral-tokio-tar Vulnerable to PAX Header Desynchronization [fedora-41]
      https://bugzilla.redhat.com/show_bug.cgi?id=2405471
[ 8 ] Bug #2405472 - CVE-2025-62518 uv: astral-tokio-tar Vulnerable to PAX Header Desynchronization [fedora-41]
      https://bugzilla.redhat.com/show_bug.cgi?id=2405472
[ 9 ] Bug #2406135 - ruff-0.14.2 is available
      https://bugzilla.redhat.com/show_bug.cgi?id=2406135

--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-43a0bff5ea' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-3878-1
- -------------------------------------------------------------------------

Two vulnerabilities have been fixed in the XML library libxml2. CVE-2016-3709.
MGASA-2022-0187 - Updated clamav packages fix security vulnerability

Publication date: 15 May 2022
URL: https://advisories.mageia.org/MGASA-2022-0187.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2022-20770, CVE-2022-20771, CVE-2022-20785, CVE-2022-20792, CVE-2022-20796

Infinite loop vulnerability in the CHM file parser. Issue affects versions
0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions.
(CVE-2022-20770)

Infinite loop vulnerability in the TIFF file parser. Issue affects versions
0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions. The issue
only occurs if the "--alert-broken-media" ClamScan option is enabled. For
ClamD, the affected option is "AlertBrokenMedia yes", and for libclamav it is
the "CL_SCAN_HEURISTIC_BROKEN_MEDIA" scan option. (CVE-2022-20771)

Memory leak in the HTML file parser / Javascript normalizer. Issue affects
versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions.
(CVE-2022-20785)

Multi-byte heap buffer overflow write vulnerability in the signature database
load module. The fix was to update the vendored regex library to the latest
version. Issue affects versions 0.104.0 through 0.104.2 and LTS version 0.103.5
and prior versions. (CVE-2022-20792)

NULL-pointer dereference crash in the scan verdict cache check. Issue affects
versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2. (CVE-2022-20796)

References:
- https://bugs.mageia.org/show_bug.cgi?id=30417
- https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html
- https://www.suse.com/support/update/announcement/2022/suse-su-20221647-1/
- https://www.cve.org/CVERecord?id=CVE-2022-20770
- https://www.cve.org/CVERecord?id=CVE-2022-20771
- https://www.cve.org/CVERecord?id=CVE-2022-20785
- https://www.cve.org/CVERecord?id=CVE-2022-20792
- https://www.cve.org/CVERecord?id=CVE-2022-20796

SRPMS:
- 8/core/clamav-0.103.6-1.mga8
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-307946cfb6
2021-01-14 01:42:30.106511
--------------------------------------------------------------------------------

Name        : python-lxml
Product     : Fedora 32
Version     : 4.4.1
Release     : 5.fc32
URL         : https://github.com/lxml/lxml
Summary     : XML processing library combining libxml2/libxslt with the ElementTree API
Description :
lxml is a Pythonic, mature binding for the libxml2 and libxslt libraries. It
provides safe and convenient access to these libraries using the ElementTree
API. It extends the ElementTree API significantly to offer support for XPath,
RelaxNG, XML Schema, XSLT, C14N and much more. To contact the project, go to
the project home page < or see our bug tracker at case you want to use the
current ...

--------------------------------------------------------------------------------
Update Information:

This update fixes an mXSS security vulnerability due to the use of an improper
parser (CVE-2020-27783).

--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 18 2020 Mikolaj Izdebski - 4.4.1-5
- Fix mXSS vulnerability due to the use of improper parser
- Resolves: CVE-2020-27783

--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1901633 - CVE-2020-27783 python-lxml: mXSS due to the use of improper parser
      https://bugzilla.redhat.com/show_bug.cgi?id=1901633

--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-307946cfb6' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-0e055ea503
2021-01-14 01:37:01.292521
--------------------------------------------------------------------------------

Name        : python-lxml
Product     : Fedora 33
Version     : 4.5.1
Release     : 3.fc33
URL         : https://github.com/lxml/lxml
Summary     : XML processing library combining libxml2/libxslt with the ElementTree API
Description :
lxml is a Pythonic, mature binding for the libxml2 and libxslt libraries. It
provides safe and convenient access to these libraries using the ElementTree
API. It extends the ElementTree API significantly to offer support for XPath,
RelaxNG, XML Schema, XSLT, C14N and much more. To contact the project, go to
the project home page < or see our bug tracker at case you want to use the
current ...

--------------------------------------------------------------------------------
Update Information:

This update fixes an mXSS security vulnerability due to the use of an improper
parser (CVE-2020-27783).

--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 18 2020 Mikolaj Izdebski - 4.5.1-3
- Fix mXSS vulnerability due to the use of improper parser
- Resolves: CVE-2020-27783

--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1901633 - CVE-2020-27783 python-lxml: mXSS due to the use of improper parser
      https://bugzilla.redhat.com/show_bug.cgi?id=1901633

--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-0e055ea503' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
______________________________________________________________________________

   SUSE Security Update: Security update for python
______________________________________________________________________________

Announcement ID:    SUSE-SU-2021:14198-1
Rating:             moderate
References:         #1149955
Cross-References:   CVE-2019-16056
Affected Products:
                    SUSE Linux Enterprise Server 11-SP4-LTSS
                    SUSE Linux Enterprise Point of Sale 11-SP3
                    SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   This update for python fixes the following issues:

   Security issue fixed:

   - CVE-2019-16056: Fixed a parser issue in the email module. (bsc#1149955)

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation
   methods like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11-SP4-LTSS:
      zypper in -t patch slessp4-python-14198=1

   - SUSE Linux Enterprise Point of Sale 11-SP3:
      zypper in -t patch sleposp3-python-14198=1

   - SUSE Linux Enterprise Debuginfo 11-SP4:
      zypper in -t patch dbgsp4-python-14198=1

Package List:

   - SUSE Linux Enterprise Server 11-SP4-LTSS (i586 ppc64 s390x x86_64):
      libpython2_6-1_0-2.6.9-40.32.1
      python-2.6.9-40.32.2
      python-base-2.6.9-40.32.1
      python-curses-2.6.9-40.32.2
      python-demo-2.6.9-40.32.2
      python-gdbm-2.6.9-40.32.2
      python-idle-2.6.9-40.32.2
      python-tk-2.6.9-40.32.2
      python-xml-2.6.9-40.32.1

   - SUSE Linux Enterprise Server 11-SP4-LTSS (ppc64 s390x x86_64):
      libpython2_6-1_0-32bit-2.6.9-40.32.1
      python-32bit-2.6.9-40.32.2
      python-base-32bit-2.6.9-40.32.1

   - SUSE Linux Enterprise Server 11-SP4-LTSS (noarch):
      python-doc-2.6-8.40.32.1
      python-doc-pdf-2.6-8.40.32.1

   - SUSE Linux Enterprise Point of Sale 11-SP3 (noarch):
      python-doc-2.6-8.40.32.1
      python-doc-pdf-2.6-8.40.32.1

   - SUSE Linux Enterprise Point of Sale 11-SP3 (i586):
      libpython2_6-1_0-2.6.9-40.32.1
      python-2.6.9-40.32.2
      python-base-2.6.9-40.32.1
      python-curses-2.6.9-40.32.2
      python-demo-2.6.9-40.32.2
      python-gdbm-2.6.9-40.32.2
      python-idle-2.6.9-40.32.2
      python-tk-2.6.9-40.32.2
      python-xml-2.6.9-40.32.1

   - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ppc64 s390x x86_64):
      python-base-debuginfo-2.6.9-40.32.1
      python-base-debugsource-2.6.9-40.32.1
      python-debuginfo-2.6.9-40.32.2
      python-debugsource-2.6.9-40.32.2

   - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64):
      python-base-debuginfo-32bit-2.6.9-40.32.1
      python-debuginfo-32bit-2.6.9-40.32.2

References:

   https://www.suse.com/security/cve/CVE-2019-16056.html
   https://bugzilla.suse.com/1149955
______________________________________________________________________________

   SUSE Security Update: Security update for python
______________________________________________________________________________

Announcement ID:    SUSE-SU-2019:2748-2
Rating:             moderate
References:         #1149955 #1153238
Cross-References:   CVE-2019-16056 CVE-2019-16935
Affected Products:
                    SUSE Linux Enterprise Workstation Extension 12-SP5
                    SUSE Linux Enterprise Server 12-SP5
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:

   This update for python fixes the following issues:

   Security issues fixed:

   - CVE-2019-16056: Fixed a parser issue in the email module (bsc#1149955).
   - CVE-2019-16935: Fixed a reflected XSS in python/Lib/DocXMLRPCServer.py
     (bsc#1153238).

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation
   methods like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Workstation Extension 12-SP5:
      zypper in -t patch SUSE-SLE-WE-12-SP5-2019-2748=1

   - SUSE Linux Enterprise Server 12-SP5:
      zypper in -t patch SUSE-SLE-SERVER-12-SP5-2019-2748=1

Package List:

   - SUSE Linux Enterprise Workstation Extension 12-SP5 (x86_64):
      python-base-debuginfo-2.7.13-28.36.1
      python-base-debugsource-2.7.13-28.36.1
      python-devel-2.7.13-28.36.1

   - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):
      libpython2_7-1_0-2.7.13-28.36.1
      libpython2_7-1_0-debuginfo-2.7.13-28.36.1
      python-2.7.13-28.36.1
      python-base-2.7.13-28.36.1
      python-base-debuginfo-2.7.13-28.36.1
      python-base-debugsource-2.7.13-28.36.1
      python-curses-2.7.13-28.36.1
      python-curses-debuginfo-2.7.13-28.36.1
      python-debuginfo-2.7.13-28.36.1
      python-debugsource-2.7.13-28.36.1
      python-demo-2.7.13-28.36.1
      python-devel-2.7.13-28.36.1
      python-gdbm-2.7.13-28.36.1
      python-gdbm-debuginfo-2.7.13-28.36.1
      python-idle-2.7.13-28.36.1
      python-tk-2.7.13-28.36.1
      python-tk-debuginfo-2.7.13-28.36.1
      python-xml-2.7.13-28.36.1
      python-xml-debuginfo-2.7.13-28.36.1

   - SUSE Linux Enterprise Server 12-SP5 (s390x x86_64):
      libpython2_7-1_0-32bit-2.7.13-28.36.1
      libpython2_7-1_0-debuginfo-32bit-2.7.13-28.36.1
      python-32bit-2.7.13-28.36.1
      python-base-32bit-2.7.13-28.36.1
      python-base-debuginfo-32bit-2.7.13-28.36.1
      python-debuginfo-32bit-2.7.13-28.36.1

   - SUSE Linux Enterprise Server 12-SP5 (noarch):
      python-doc-2.7.13-28.36.1
      python-doc-pdf-2.7.13-28.36.1

References:

   https://www.suse.com/security/cve/CVE-2019-16056.html
   https://www.suse.com/security/cve/CVE-2019-16935.html
   https://bugzilla.suse.com/1149955
   https://bugzilla.suse.com/1153238
______________________________________________________________________________

   openSUSE Security Update: Security update for python3
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2019:2453-1
Rating:             moderate
References:         #1149121 #1149792 #1149955 #1151490 #1153238
Cross-References:   CVE-2019-16056 CVE-2019-16935
Affected Products:
                    openSUSE Leap 15.0
______________________________________________________________________________

   An update that solves two vulnerabilities and has three fixes is now
   available.

Description:

   This update for python3 to 3.6.9 fixes the following issues:

   Security issues fixed:

   - CVE-2019-16056: Fixed a parser issue in the email module. (bsc#1149955)
   - CVE-2019-16935: Fixed a reflected XSS in python/Lib/DocXMLRPCServer.py
     (bsc#1153238).

   Non-security issues fixed:

   - Fixed regression of OpenSSL 1.1.1b-1 in EVP_PBE_scrypt() with salt=NULL.
     (bsc#1151490)
   - Improved locale handling by implementing PEP 538.

   This update was imported from the SUSE:SLE-15:Update update project.

Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended
   installation methods like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.0:
      zypper in -t patch openSUSE-2019-2453=1

Package List:

   - openSUSE Leap 15.0 (i586 x86_64):
      libpython3_6m1_0-3.6.9-lp150.2.14.1
      libpython3_6m1_0-debuginfo-3.6.9-lp150.2.14.1
      python3-3.6.9-lp150.2.14.1
      python3-base-3.6.9-lp150.2.14.1
      python3-base-debuginfo-3.6.9-lp150.2.14.1
      python3-base-debugsource-3.6.9-lp150.2.14.1
      python3-curses-3.6.9-lp150.2.14.1
      python3-curses-debuginfo-3.6.9-lp150.2.14.1
      python3-dbm-3.6.9-lp150.2.14.1
      python3-dbm-debuginfo-3.6.9-lp150.2.14.1
      python3-debuginfo-3.6.9-lp150.2.14.1
      python3-debugsource-3.6.9-lp150.2.14.1
      python3-devel-3.6.9-lp150.2.14.1
      python3-devel-debuginfo-3.6.9-lp150.2.14.1
      python3-idle-3.6.9-lp150.2.14.1
      python3-testsuite-3.6.9-lp150.2.14.1
      python3-testsuite-debuginfo-3.6.9-lp150.2.14.1
      python3-tk-3.6.9-lp150.2.14.1
      python3-tk-debuginfo-3.6.9-lp150.2.14.1
      python3-tools-3.6.9-lp150.2.14.1

   - openSUSE Leap 15.0 (x86_64):
      libpython3_6m1_0-32bit-3.6.9-lp150.2.14.1
      libpython3_6m1_0-32bit-debuginfo-3.6.9-lp150.2.14.1
      python3-32bit-3.6.9-lp150.2.14.1
      python3-32bit-debuginfo-3.6.9-lp150.2.14.1
      python3-base-32bit-3.6.9-lp150.2.14.1
      python3-base-32bit-debuginfo-3.6.9-lp150.2.14.1

References:

   https://www.suse.com/security/cve/CVE-2019-16056.html
   https://www.suse.com/security/cve/CVE-2019-16935.html
   https://bugzilla.suse.com/1149121
   https://bugzilla.suse.com/1149792
   https://bugzilla.suse.com/1149955
   https://bugzilla.suse.com/1151490
   https://bugzilla.suse.com/1153238