Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -5 articles for you...
217
security advisorymoderatesecurity updateOracle Linux 9 ELSA-2024-1530 Moderate: Expat Parsing Issues Fix
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-1530 https://linux.oracle.com/errata/ELSA-2024-1530.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: expat-2.5.0-1.el9_3.1.i686.rpm expat-2.5.0-1.el9_3.1.x86_64.rpm expat-devel-2.5.0-1.el9_3.1.i686.rpm expat-devel-2.5.0-1.el9_3.1.x86_64.rpm aarch64: expat-2.5.0-1.el9_3.1.aarch64.rpm expat-devel-2.5.0-1.el9_3.1.aarch64.rpm SRPMS: https://oss.oracle.com:443/ol9/SRPMS-updates//expat-2.5.0-1.el9_3.1.src.rpm Related CVEs: CVE-2023-52425 CVE-2024-28757 Description of changes: [2.5.0-1.1] - CVE-2023-52425: Fix parsing of large tokens - CVE-2024-28757: Reject direct parameter entity recursion - Resolves: RHEL-29698 - Resolves: RHEL-29695 _______________________________________________ El-errata mailing list
Mar 27, 2024
•Important
Oracle
89
security advisorysoftware updateFedoraFedora 38 Security Advisory: perl-Spreadsheet-ParseXLSX Out-Of-Memory Fix
Update to latest version Security fix for CVE-2024-22368. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-fa14bfd3b5 2024-02-27 01:44:25.903503 -------------------------------------------------------------------------------- Name : perl-Spreadsheet-ParseXLSX Product : Fedora 38 Version : 0.31 Release : 1.fc38 URL : https://github.com/doy/spreadsheet-parsexlsx Summary : Parse XLSX files Description : This module is an adaptor for that reads XLSX files. For documentation about the various data that you can retrieve from these classes, please see , , , and . -------------------------------------------------------------------------------- Update Information: Update to latest version Security fix for CVE-2024-22368 -------------------------------------------------------------------------------- ChangeLog: * Sun Feb 18 2024 Elliott Sales de Andrade - 0.31-1 - Update to latest version (#2256482) - Fixes CVE-2024-22368 (#2257626) * Thu Jan 25 2024 Fedora Release Engineering - 0.27-15 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sun Jan 21 2024 Fedora Release Engineering - 0.27-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jul 21 2023 Fedora Release Engineering - 0.27-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2257625 - CVE-2024-22368 perl-Spreadsheet-ParseXLSX: out-of-memory condition during parsing of a crafted XLSX document https://bugzilla.redhat.com/show_bug.cgi?id=2257625 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-fa14bfd3b5' at the command line. For more information, refer to the dnf documentation availableat https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list --
Feb 27, 2024
•Critical
Fedora
89
security advisorymoderateFedoraFedora 37 F2023-1d0d71b6aa Moderate: Sequoia-OpenPGP Configuration Fix
- Update the sequoia-openpgp crate to version 1.16.0. - Update the nettle crate to version 7.3.0. - Update the nettle-sys crate to version 2.2.0. - Update the buffered-reader crate to version 1.2.0. Version 1.16.0 of the sequoia-openpgp crate fixes some issues in parsing code, which could lead to attempted out-of- bounds accesses that result in crashes due to bounds checks which are included. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2023-1d0d71b6aa 2023-05-27 01:25:15.781100 --------------------------------------------------------------------------------Name : rust-sequoia-policy-config Product : Fedora 37 Version : 0.6.0 Release : 4.fc37 URL : Summary : Configure Sequoia using a configuration file Description : Configure Sequoia using a configuration file. --------------------------------------------------------------------------------Update Information: - Update the sequoia-openpgp crate to version 1.16.0. - Update the nettle crate to version 7.3.0. - Update the nettle-sys crate to version 2.2.0. - Update the buffered-reader crate to version 1.2.0. Version 1.16.0 of the sequoia-openpgp crate fixes some issues in parsing code, which could lead to attempted out-of-bounds accesses that result in crashes due to bounds checks which are included by default in Rust code. This update contains rebuilds of all applications that are based on sequoia-openpgp to address this issue. ---- Update to version 1.5.0. This release improves compatibility with the version of librnp that's bundled in recent versions of thunderbird. --------------------------------------------------------------------------------ChangeLog: * Thu May 18 2023 Fabio Valentini - 0.6.0-4 - Rebuild for sequoia-openpgp v1.16 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-1d0d71b6aa'at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
May 27, 2023
Fedora
89
security advisorybuffer overflowFedoraFedora 37: FEDORA-2023-1d0d71b6aa Moderate: Sequoia-OpenPGP Parsing Fix
- Update the sequoia-openpgp crate to version 1.16.0. - Update the nettle crate to version 7.3.0. - Update the nettle-sys crate to version 2.2.0. - Update the buffered-reader crate to version 1.2.0. Version 1.16.0 of the sequoia-openpgp crate fixes some issues in parsing code, which could lead to attempted out-of- bounds accesses that result in crashes due to bounds checks which are included. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2023-1d0d71b6aa 2023-05-27 01:25:15.781100 --------------------------------------------------------------------------------Name : rust-buffered-reader Product : Fedora 37 Version : 1.2.0 Release : 1.fc37 URL : Summary : Super-powered Reader Description : A super-powered Reader. --------------------------------------------------------------------------------Update Information: - Update the sequoia-openpgp crate to version 1.16.0. - Update the nettle crate to version 7.3.0. - Update the nettle-sys crate to version 2.2.0. - Update the buffered-reader crate to version 1.2.0. Version 1.16.0 of the sequoia-openpgp crate fixes some issues in parsing code, which could lead to attempted out-of-bounds accesses that result in crashes due to bounds checks which are included by default in Rust code. This update contains rebuilds of all applications that are based on sequoia-openpgp to address this issue. ---- Update to version 1.5.0. This release improves compatibility with the version of librnp that's bundled in recent versions of thunderbird. --------------------------------------------------------------------------------ChangeLog: * Wed May 17 2023 Fabio Valentini - 1.2.0-1 - Update to version 1.2.0; Fixes RHBZ#2207951 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-1d0d71b6aa' at the command line. For more information,refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
May 27, 2023
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!