openSUSE Security Update: Security update for htmldoc
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2024:0303-1
Rating:             moderate
References:         #1230022
Cross-References:   CVE-2024-45508
Affected Products:  openSUSE Backports SLE-15-SP6
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for htmldoc fixes the following issues:

- CVE-2024-45508: Fixed an out-of-bounds write in parse_paragraph in ps-pdf.cxx, caused by an attempt to strip leading whitespace from a whitespace-only node [boo#1230022].

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP6:
  zypper in -t patch openSUSE-2024-303=1

Package List:

- openSUSE Backports SLE-15-SP6 (aarch64 i586 ppc64le s390x x86_64):
  htmldoc-1.9.16-bp156.3.3.1

References:

https://www.suse.com/security/cve/CVE-2024-45508.html
https://bugzilla.suse.com/1230022

LinuxSecurity.com Team
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-3d88188071
2022-12-21 01:27:49.869810
--------------------------------------------------------------------------------

Name        : xorg-x11-server
Product     : Fedora 37
Version     : 1.20.14
Release     : 12.fc37
URL         : https://www.x.org/wiki/
Summary     : X.Org X11 X server
Description : X.Org X11 X server
--------------------------------------------------------------------------------
Update Information:

Fix buggy patch to CVE-2022-46340
--------------------------------------------------------------------------------
ChangeLog:

* Mon Dec 19 2022 Peter Hutterer - 1.20.14-12
- Fix buggy patch to CVE-2022-46340
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2153116 - CVE-2022-46340 xorg-x11-server: X.Org Server XTestSwapFakeInput stack overflow [fedora-37]
        https://bugzilla.redhat.com/show_bug.cgi?id=2153116
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-3d88188071' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------
SUSE Image Update Advisory: suse-sles-15-sp3-chost-byos-v20221215-hvm-ssd-x86_64
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2022:1144-1
Image Tags        : suse-sles-15-sp3-chost-byos-v20221215-hvm-ssd-x86_64:20221215
Image Release     :
Severity          : important
Type              : security
References        : 1163683 1179465 1181429 1184124 1184689 1186787 1187654 1187655 1188086
                    1188607 1189560 1192252 1192478 1192508 1192648 1194392 1195618 1197284
                    1197428 1197998 1198523 1198894 1199074 1200102 1200330 1200505 1200657
                    1200901 1201053 1201490 1201492 1201493 1201495 1201496 1201689 1202269
                    1202337 1202417 1202750 1202962 1203110 1203125 1203152 1203155 1203194
                    1203216 1203267 1203272 1203508 1203509 1203600 1203749 1203796 1203797
                    1203799 1203818 1203820 1203924 1204254 1204511 1204577 1204706 1204720
                    1204779 1205126 1205178 1205182 1205275 1206065 1206235 876845 877776
                    885007 896188 988954
                    CVE-2019-18348 CVE-2020-10735 CVE-2020-8492 CVE-2021-3928 CVE-2022-2031
                    CVE-2022-23471 CVE-2022-2601 CVE-2022-27191 CVE-2022-2980 CVE-2022-2982
                    CVE-2022-3037 CVE-2022-3099 CVE-2022-3134 CVE-2022-3153 CVE-2022-3234
                    CVE-2022-3235 CVE-2022-32742 CVE-2022-32744 CVE-2022-32745 CVE-2022-32746
                    CVE-2022-3278 CVE-2022-3296 CVE-2022-3297 CVE-2022-3324 CVE-2022-3352
                    CVE-2022-3437 CVE-2022-3705 CVE-2022-37454 CVE-2022-3775 CVE-2022-42898
-----------------------------------------------------------------
The container suse-sles-15-sp3-chost-byos-v20221215-hvm-ssd-x86_64 was updated.
The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4160-1
Released:    Tue Nov 22 10:10:37 2022
Summary:     Recommended update for nfsidmap
Type:        recommended
Severity:    moderate
References:  1200901

This update for nfsidmap fixes the following issues:

- Various bugfixes and improvements from upstream. In particular, fixed a crash that can happen when a 'static' mapping is configured. (bsc#1200901)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4163-1
Released:    Tue Nov 22 10:57:10 2022
Summary:     Recommended update for dracut
Type:        recommended
Severity:    moderate
References:  1187654,1195618,1203267,1203749

This update for dracut fixes the following issues:

- systemd: add missing modprobe@.service (bsc#1203749)
- i18n: do not fail if FONT in /etc/vconsole.conf has the file extension (bsc#1203267)
- drm: consider also drm_dev_register when looking for gpu driver (bsc#1195618)
- integrity: do not display any error if there is no IMA certificate (bsc#1187654)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4198-1
Released:    Wed Nov 23 13:15:04 2022
Summary:     Recommended update for rpm
Type:        recommended
Severity:    moderate
References:  1202750

This update for rpm fixes the following issues:

- Strip critical bit in signature subpackage parsing
- No longer deadlock DNF after pubkey import (bsc#1202750)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4217-1
Released:    Fri Nov 25 07:23:35 2022
Summary:     Recommended update for wget
Type:        recommended
Severity:    moderate
References:  1204720

This update for wget fixes the following issues:

- Truncate long file names to prevent wget failures (bsc#1204720)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4219-1
Released:    Fri Nov 25 09:39:49 2022
Summary:     Security update for grub2
Type:        security
Severity:    important
References:  1205178,1205182,CVE-2022-2601,CVE-2022-3775

This update for grub2 fixes the following issues:

- CVE-2022-2601: Fixed buffer overflow in grub_font_construct_glyph (bsc#1205178).
- CVE-2022-3775: Fixed integer underflow in blit_comb() (bsc#1205182).

Other:

- Bump upstream SBAT generation to 3

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4256-1
Released:    Mon Nov 28 12:36:32 2022
Summary:     Recommended update for gcc12
Type:        recommended
Severity:    moderate
References:

This update for gcc12 fixes the following issues:

This update ships the GCC 12 compiler suite and its base libraries.

The compiler base libraries are provided for all SUSE Linux Enterprise 15 versions and replace the same named GCC 11 ones.

The new compilers for C, C++, and Fortran are provided for SUSE Linux Enterprise 15 SP3 and SP4, and provided in the 'Development Tools' module.

The Go, D and Ada language compiler parts are available unsupported via the PackageHub repositories.

To use gcc12 compilers use:

- install 'gcc12' or 'gcc12-c++' or one of the other 'gcc12-COMPILER' frontend packages.
- override your Makefile to use CC=gcc12, CXX=g++12 and similar overrides for the other languages.
For a full changelog with all new GCC12 features, check out https://gcc.gnu.org/gcc-12/changes.html

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4270-1
Released:    Tue Nov 29 13:20:45 2022
Summary:     Recommended update for lvm2
Type:        recommended
Severity:    moderate
References:  1198523,1199074,1203216

This update for lvm2 fixes the following issues:

- Design changes to avoid kernel panic (bsc#1198523)
- Fix device-mapper rpm package versioning to prevent migration issues (bsc#1199074)
- A killed lvmlockd doesn't clear/adopt locks, leading to inability to start the volume group (bsc#1203216)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4278-1
Released:    Tue Nov 29 15:43:49 2022
Summary:     Security update for supportutils
Type:        security
Severity:    moderate
References:  1184689,1188086,1192252,1192648,1197428,1200330,1202269,1202337,1202417,1203818

This update for supportutils fixes the following issues:

Security issues fixed:

- Passwords correctly removed from email.txt, updates.txt and fs-iscsi.txt (bsc#1203818)

Bug fixes:

- Added lifecycle information
- Fixed KVM virtualization detection on bare metal (bsc#1184689)
- Added logging using journalctl (bsc#1200330)
- Get current sar data before collecting files (bsc#1192648)
- Collects everything in /etc/multipath/ (bsc#1192252)
- Collects power management information in hardware.txt (bsc#1197428)
- Checks for suseconnect-ng or SUSEConnect packages (bsc#1202337)
- Fixed conf_files and conf_text_files so y2log is gathered (bsc#1202269)
- Update to nvme_info and block_info (bsc#1202417)
- Added includedir directories from /etc/sudoers (bsc#1188086)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4281-1
Released:    Tue Nov 29 15:46:10 2022
Summary:     Security update for python3
Type:        security
Severity:    important
References:  1188607,1203125,1204577,CVE-2019-18348,CVE-2020-10735,CVE-2020-8492,CVE-2022-37454
This update for python3 fixes the following issues:

- CVE-2022-37454: Fixed a buffer overflow in hashlib.sha3_* implementations. (bsc#1204577)
- CVE-2020-10735: Fixed a bug to limit the number of digits when converting text to int and vice versa. (bsc#1203125)

The following non-security bug was fixed:

- Fixed a crash in the garbage collection (bsc#1188607).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4282-1
Released:    Tue Nov 29 15:50:15 2022
Summary:     Security update for vim
Type:        security
Severity:    important
References:  1192478,1202962,1203110,1203152,1203155,1203194,1203272,1203508,1203509,1203796,1203797,1203799,1203820,1203924,1204779,CVE-2021-3928,CVE-2022-2980,CVE-2022-2982,CVE-2022-3037,CVE-2022-3099,CVE-2022-3134,CVE-2022-3153,CVE-2022-3234,CVE-2022-3235,CVE-2022-3278,CVE-2022-3296,CVE-2022-3297,CVE-2022-3324,CVE-2022-3352,CVE-2022-3705

This update for vim fixes the following issues:

Updated to version 9.0 with patch level 0814:

- CVE-2021-3928: Fixed stack-based buffer overflow (bsc#1192478).
- CVE-2022-3234: Fixed heap-based buffer overflow (bsc#1203508).
- CVE-2022-3235: Fixed use-after-free (bsc#1203509).
- CVE-2022-3324: Fixed stack-based buffer overflow (bsc#1203820).
- CVE-2022-3705: Fixed use-after-free in function qf_update_buffer of the file quickfix.c (bsc#1204779).
- CVE-2022-2982: Fixed use-after-free in qf_fill_buffer() (bsc#1203152).
- CVE-2022-3296: Fixed stack out of bounds read in ex_finally() in ex_eval.c (bsc#1203796).
- CVE-2022-3297: Fixed use-after-free in process_next_cpt_value() at insexpand.c (bsc#1203797).
- CVE-2022-3099: Fixed use-after-free in ex_docmd.c (bsc#1203110).
- CVE-2022-3134: Fixed use-after-free in do_tag() (bsc#1203194).
- CVE-2022-3153: Fixed NULL pointer dereference (bsc#1203272).
- CVE-2022-3278: Fixed NULL pointer dereference in eval_next_non_blank() in eval.c (bsc#1203799).
- CVE-2022-3352: Fixed use-after-free (bsc#1203924).
- CVE-2022-2980: Fixed NULL pointer dereference in do_mouse() (bsc#1203155).
- CVE-2022-3037: Fixed use-after-free (bsc#1202962).

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4312-1
Released:    Fri Dec 2 11:16:47 2022
Summary:     Recommended update for tar
Type:        recommended
Severity:    moderate
References:  1200657,1203600

This update for tar fixes the following issues:

- Fix unexpected inconsistency when making directory (bsc#1203600)
- Update race condition fix (bsc#1200657)

-----------------------------------------------------------------
Advisory ID: SUSE-feature-2022:4341-1
Released:    Wed Dec 7 12:55:26 2022
Summary:     Feature update for wicked
Type:        feature
Severity:    moderate
References:  1181429,1184124,1186787,1187655,1189560,1192508,1194392,1198894,1200505,1201053,876845,877776,885007,896188,988954

This update for wicked fixes the following issues:

- auto6: Fix to apply DNS from RA rdnss after ifdown/ifup (bsc#1181429)
- build: Ensure binaries are Position Independent Executable (PIE) (bsc#1184124)
- client: Add release options to ifdown/ifreload (jsc#SLE-25048, jsc#SLE-10249)
- client: Fix memory access violation (SEGV) on empty xpath results
- compat-suse: Match read order of sysctl.d '/etc' vs. '/run' with systemd-sysctl and remove obsolete (sle11/sysconfig) lines about ifup-sysctl from ifsysctl.5.
- compat-suse: Fix reading of sysctl variable 'addr_gen_mode'
- dbus: Clear string array before append
- dhcp4: Fix issues in reuse of last lease (bsc#1187655)
- dhcp6: Add option to refresh lease (jsc#SLE-24310, jsc#SLE-9492, jsc#SLE-24307)
- dhcp6: Consider ppp interfaces supported
- dhcp6: Ignore lease release status
- dhcp6: Remove address before release
- firewall-ext: No config change on ifdown (bsc#1201053, bsc#1189560)
- redfish: Add initial support to decode the SMBIOS Management Controller Host Interface (Type 42) (jsc#SLE-24286, jsc#SLE-17762)
- Removed obsolete patch included in the main sources (bsc#1194392)
- socket: Fix memory access violation (SEGV) on heavy socket restart errors (bsc#1192508)
- systemd: Remove systemd-udev-settle dependency (bsc#1186787)
- team: Fix to configure port priority in teamd (bsc#1200505)
- wireless: Add support for WPA3 and PMF (bsc#1198894)
- wireless: Fix memory access violation (SEGV) on supplicant restart
- wireless: Fix to not expect colons in 64byte long wpa-psk hex hash string
- wireless: Remove libiw dependencies
- xml-schema: Reference counting fix to not crash at exit on schema errors

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4358-1
Released:    Thu Dec 8 10:55:10 2022
Summary:     Recommended update for rsyslog
Type:        recommended
Severity:    moderate
References:  1205275

This update for rsyslog fixes the following issue:

- Parsing of legacy config syntax (bsc#1205275)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4388-1
Released:    Fri Dec 9 04:07:21 2022
Summary:     Recommended update for gnutls
Type:        recommended
Severity:    moderate
References:  1204511

This update for gnutls fixes the following issues:

- Fix potential to free an invalid pointer (bsc#1204511)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4389-1
Released:    Fri Dec 9 07:59:16 2022
Summary:     Recommended update for avahi
Type:        recommended
Severity:    moderate
References:  1163683

This update for avahi fixes the following issues:

- Do not cache responses generated locally (bsc#1163683)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4395-1
Released:    Fri Dec 9 11:02:36 2022
Summary:     Security update for samba
Type:        security
Severity:    important
References:  1200102,1201490,1201492,1201493,1201495,1201496,1201689,1204254,1205126,CVE-2022-2031,CVE-2022-32742,CVE-2022-32744,CVE-2022-32745,CVE-2022-32746,CVE-2022-3437,CVE-2022-42898

This update for samba fixes the following issues:

Version update to 4.15.12.

Security issues fixed:

- CVE-2022-2031: Fixed AD users that could have bypassed certain restrictions associated with changing passwords (bsc#1201495).
- CVE-2022-32742: Fixed SMB1 code that does not correctly verify SMB1write, SMB1write_and_close, SMB1write_and_unlock lengths (bsc#1201496).
- CVE-2022-32744: Fixed AD users that could have forged password change requests for any user (bsc#1201493).
- CVE-2022-32745: Fixed AD users that could have crashed the server process with an LDAP add or modify request (bsc#1201492).
- CVE-2022-32746: Fixed a use-after-free occurring in database audit logging (bsc#1201490).
- CVE-2022-3437: Fixed buffer overflow in Heimdal unwrap_des3() (bsc#1204254).
- CVE-2022-42898: Fixed Samba buffer overflow vulnerabilities on 32-bit systems (bsc#1205126).

Bug fixes:

- Install a systemd drop-in file for named service to allow read/write access to the DLZ directory (bsc#1201689).
- Possible use after free of connection_struct when iterating smbd_server_connection->connections (bsc#1200102).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4412-1
Released:    Tue Dec 13 04:47:03 2022
Summary:     Recommended update for suse-build-key
Type:        recommended
Severity:    moderate
References:  1204706

This update for suse-build-key fixes the following issues:

- added /usr/share/pki/containers directory for container pem keys (cosign/sigstore style), put the SUSE Container signing PEM key there too (bsc#1204706)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4463-1
Released:    Tue Dec 13 17:04:31 2022
Summary:     Security update for containerd
Type:        security
Severity:    important
References:  1197284,1206065,1206235,CVE-2022-23471,CVE-2022-27191

This update for containerd fixes the following issues:

Update to containerd v1.6.12 including Docker v20.10.21-ce (bsc#1206065).

Also includes the following fixes:

- CVE-2022-23471: host memory exhaustion through Terminal resize goroutine leak (bsc#1206235).
- CVE-2022-27191: crash in a golang.org/x/crypto/ssh server (bsc#1197284).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4470-1
Released:    Wed Dec 14 06:05:48 2022
Summary:     Recommended update for sudo
Type:        recommended
Severity:    important
References:  1197998

This update for sudo fixes the following issues:

- Change sudo-ldap schema from ASCII to UTF8 to fix a regression introduced in a previous maintenance update (bsc#1197998)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4499-1
Released:    Thu Dec 15 10:48:49 2022
Summary:     Recommended update for openssh
Type:        recommended
Severity:    moderate
References:  1179465

This update for openssh fixes the following issues:

- Make ssh connections update their dbus environment (bsc#1179465):
  * Add openssh-dbus.sh, openssh-dbus.csh, openssh-dbus.fish

The following package changes have been done:

- containerd-ctr-1.6.12-150000.79.1 updated
- containerd-1.6.12-150000.79.1 updated
- dracut-049.1+suse.247.gfb7df05c-150200.3.63.1 updated
- grub2-i386-pc-2.04-150300.22.25.1 updated
- grub2-x86_64-efi-2.04-150300.22.25.1 updated
- grub2-x86_64-xen-2.04-150300.22.25.1 updated
- grub2-2.04-150300.22.25.1 updated
- krb5-1.19.2-150300.7.7.1 updated
- libavahi-client3-0.7-150100.3.21.4 updated
- libavahi-common3-0.7-150100.3.21.4 updated
- libdevmapper1_03-2.03.05_1.02.163-150200.8.49.1 updated
- libgcc_s1-12.2.1+git416-150000.1.5.1 updated
- libgnutls30-3.6.7-150200.14.22.1 updated
- libpython3_6m1_0-3.6.15-150300.10.37.2 updated
- libstdc++6-12.2.1+git416-150000.1.5.1 updated
- nfsidmap-0.26-150000.3.7.1 updated
- openssh-clients-8.4p1-150300.3.15.4 updated
- openssh-common-8.4p1-150300.3.15.4 updated
- openssh-server-8.4p1-150300.3.15.4 updated
- openssh-8.4p1-150300.3.15.4 updated
- python3-base-3.6.15-150300.10.37.2 updated
- python3-3.6.15-150300.10.37.2 updated
- rpm-ndb-4.14.3-150300.52.1 updated
- rsyslog-8.2106.0-150200.4.35.1 updated
- samba-client-libs-4.15.12+git.535.7750e5c95ef-150300.3.43.1 updated
- sudo-1.9.5p2-150300.3.16.1 updated
- supportutils-3.1.21-150300.7.35.15.1 updated
- suse-build-key-12.0-150000.8.28.1 updated
- tar-1.34-150000.3.22.3 updated
- vim-data-common-9.0.0814-150000.5.28.1 updated
- vim-9.0.0814-150000.5.28.1 updated
- wget-1.20.3-150000.3.15.1 updated
- wicked-service-0.6.70-150300.4.8.1 updated
- wicked-0.6.70-150300.4.8.1 updated

LinuxSecurity.com Team
SUSE Security Update: Security update for patch
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:1925-1
Rating:             moderate
References:         #1080985 #1111572 #1142041 #1198106
Cross-References:   CVE-2018-6952 CVE-2019-13636
CVSS scores:
                    CVE-2018-6952 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2018-6952 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
                    CVE-2019-13636 (NVD) : 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
                    CVE-2019-13636 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected Products:
                    SUSE Linux Enterprise Desktop 15-SP3
                    SUSE Linux Enterprise Desktop 15-SP4
                    SUSE Linux Enterprise High Performance Computing 15-SP3
                    SUSE Linux Enterprise High Performance Computing 15-SP4
                    SUSE Linux Enterprise Module for Basesystem 15-SP3
                    SUSE Linux Enterprise Module for Basesystem 15-SP4
                    SUSE Linux Enterprise Server 15-SP3
                    SUSE Linux Enterprise Server 15-SP4
                    SUSE Linux Enterprise Server for SAP Applications 15-SP3
                    SUSE Linux Enterprise Server for SAP Applications 15-SP4
                    SUSE Manager Proxy 4.2
                    SUSE Manager Server 4.2
                    openSUSE Leap 15.3
                    openSUSE Leap 15.4
______________________________________________________________________________

An update that solves two vulnerabilities and has two fixes is now available.

Description:

This update for patch fixes the following issues:

Security issues fixed:

- CVE-2019-13636: Fixed patch to not follow symlinks unless --follow-symlinks is given. This increases the security against malicious patches (bsc#1142041).
- CVE-2018-6952: Fixed swapping fakelines in pch_swap. This bug was causing a double free leading to a crash (bsc#1080985).

Bugfixes:

- Abort when cleaning up fails. This bug could cause an infinite loop when a patch wouldn't apply, leading to a segmentation fault (bsc#1111572).
- Pass the correct stat to backup files. This bug would occasionally cause backup files to be missing when all hunks failed to apply (bsc#1198106).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.4:
  zypper in -t patch openSUSE-SLE-15.4-2022-1925=1
- openSUSE Leap 15.3:
  zypper in -t patch openSUSE-SLE-15.3-2022-1925=1
- SUSE Linux Enterprise Module for Basesystem 15-SP4:
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-1925=1
- SUSE Linux Enterprise Module for Basesystem 15-SP3:
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-1925=1

Package List:

- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
  patch-2.7.6-150000.5.3.1
  patch-debuginfo-2.7.6-150000.5.3.1
  patch-debugsource-2.7.6-150000.5.3.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
  patch-2.7.6-150000.5.3.1
  patch-debuginfo-2.7.6-150000.5.3.1
  patch-debugsource-2.7.6-150000.5.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP4 (aarch64 ppc64le s390x x86_64):
  patch-2.7.6-150000.5.3.1
  patch-debuginfo-2.7.6-150000.5.3.1
  patch-debugsource-2.7.6-150000.5.3.1
- SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
  patch-2.7.6-150000.5.3.1
  patch-debuginfo-2.7.6-150000.5.3.1
  patch-debugsource-2.7.6-150000.5.3.1

References:

https://www.suse.com/security/cve/CVE-2018-6952.html
https://www.suse.com/security/cve/CVE-2019-13636.html
https://bugzilla.suse.com/1080985
https://bugzilla.suse.com/1111572
https://bugzilla.suse.com/1142041
https://bugzilla.suse.com/1198106

LinuxSecurity.com Team
Package        : patch
Version        : 2.7.5-1+deb8u2
CVE ID         : CVE-2019-13636

Handling of symlinks in patch, a tool to apply a diff file to an original, was wrong in certain cases.

For Debian 8 "Jessie", this problem has been fixed in version 2.7.5-1+deb8u2.

We recommend that you upgrade your patch packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

LinuxSecurity.com Team
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-23a1b5975a
2018-05-15 19:52:12.739116
--------------------------------------------------------------------------------

Name        : patch
Product     : Fedora 27
Version     : 2.7.6
Release     : 4.fc27
URL         :
Summary     : Utility for modifying/upgrading files
Description :
The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file (patching the file).

Patch should be installed because it is a common way of upgrading applications.
--------------------------------------------------------------------------------
Update Information:

Security fix for CVE-2018-1000156
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 3 2018 Tim Waugh - 2.7.6-4
- Fixed CVE-2018-1000156 - Malicious patch files cause ed to execute arbitrary commands.
* Mon Feb 12 2018 Tim Waugh - 2.7.6-3
- 2.7.6 (CVE-2016-10713, CVE-2018-6951, CVE-2018-6952).
* Thu Feb 8 2018 Fedora Release Engineering - 2.7.5-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1564326 - CVE-2018-1000156 patch: Malicious patch files cause ed to execute arbitrary commands
        https://bugzilla.redhat.com/show_bug.cgi?id=1564326
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-23a1b5975a' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
Enterprise Linux Security Advisory ELSA-2007-0356

https://access.redhat.com/errata/RHSA-2007:0356.html

The following updated rpms for Enterprise Linux 3 have been uploaded to the Unbreakable Linux Network:

i386:
libpng-1.2.2-27.i386.rpm
libpng-devel-1.2.2-27.i386.rpm
libpng10-1.0.13-17.i386.rpm
libpng10-devel-1.0.13-17.i386.rpm

x86_64:
libpng-1.2.2-27.i386.rpm
libpng-1.2.2-27.x86_64.rpm
libpng-devel-1.2.2-27.x86_64.rpm
libpng10-1.0.13-17.i386.rpm
libpng10-1.0.13-17.x86_64.rpm
libpng10-devel-1.0.13-17.x86_64.rpm

SRPMS:
https://oss.oracle.com:443/el3/SRPMS-updates/libpng-1.2.2-27.src.rpm
https://oss.oracle.com:443/el3/SRPMS-updates/libpng10-1.0.13-17.src.rpm

Description of changes:

libpng-1.2.2-27:

[1.2.2-27]
- Add patch to fix CVE-2006-5793
  Resolves: #215405

[1.2.2-26]
- Add patch to fix CVE-2007-2445
  Resolves: #239543

libpng10-1.0.13-17:

[1.0.13-17]
- Add patch to fix CVE-2006-5793
  Resolves: #215405

[1.0.13-16]
- Add patch to fix CVE-2007-2445
  Resolves: #239543

LinuxSecurity.com Team
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  Slackware 11.0 x11-6.9.0 patch fix (SSA:2007-110-01)

A new x11-6.9.0-i486-14_slack11.0.tgz patch is available for Slackware 11.0 to fix the inadvertent inclusion of two old fontconfig binaries. Installing the original fontconfig patch followed by the original x11 patch would cause fc-cache and fc-list to be overwritten by old versions, breaking fontconfig. To fix the issue, reinstall the fontconfig patch. The x11 package has been updated so that installation will not be order-specific for anyone fetching the patches now.

Sorry for the inconvenience.

Here are the details from the Slackware 11.0 ChangeLog:
+--------------------------+
patches/packages/x11-6.9.0-i486-14_slack11.0.tgz:
  Removed old versions of fc-cache and fc-list. Somehow a couple of old
  fontconfig binaries snuck into this package, and prevent fc-cache from
  working properly at boot (or any other time). If you've already installed
  these upgrades, reinstalling the fontconfig package will fix the issue.
  If you do that, there's no need to reinstall this new x11 package -- it's
  been fixed so that there's no longer a problem with the package install
  order (and because those fc-* binaries didn't belong there).
  Sorry for any inconvenience...
  Thanks to Petri Kaukasoina for pointing this out.
  (* Fix *)
+--------------------------+

Where to find the new package:
+-----------------------------+

HINT: Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try. This is another primary FTP site
for Slackware that can be considerably faster than downloading
from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab
(https://osuosl.org/) for donating additional FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on http://www.slackware.com/ for
additional mirror sites near you.

Updated package for Slackware 11.0:
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/x11-6.9.0-i486-14_slack11.0.tgz

MD5 signatures:
+-------------+

Slackware 11.0 package:
dd7b984b91576d65b829074963dd8bd0  x11-6.9.0-i486-14_slack11.0.tgz

Installation instructions:
+------------------------+

If you already have x11-6.9.0-i486-13_slack11.0.tgz, check the version of
fc-cache. It should be 2.4.2:

# fc-cache --version
fontconfig version 2.4.2

If not, reinstall the fontconfig package:

# upgradepkg --reinstall fontconfig-2.4.2-i486-1_slack11.0.tgz

If you don't yet have the new x11, fontconfig, and freetype patches, the
versions in slackware-11.0/patches/packages may be installed with upgradepkg
in no particular order.

+-----+

LinuxSecurity.com Team
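The version check from the installation instructions above, written out as an added shell example (this is not part of the Slackware advisory). It parses the "fontconfig version X.Y.Z" line that fc-cache --version prints, compares it against the expected 2.4.2, and reports whether the fontconfig package has to be reinstalled. It goes a little beyond the advisory's equality check by doing a general dotted-version comparison, so an older binary, a missing version line, or a newer fontconfig are all handled. The sample outputs and the function names are my own constructions; the final block runs the same check against the real fc-cache only when one is installed on the host.

```shell
#!/bin/sh
# Added example, not taken from the Slackware advisory.
# Decide whether the fontconfig package must be reinstalled after the
# x11-6.9.0-i486-13_slack11.0 patch overwrote fc-cache / fc-list, using the
# check the advisory gives: "fc-cache --version" must report 2.4.2.

EXPECTED_FONTCONFIG_VERSION="2.4.2"

# fontconfig_version_from_output OUTPUT
# Extracts the dotted version from a line such as "fontconfig version 2.4.2".
# Prints nothing when no such line is present (e.g. a broken binary).
fontconfig_version_from_output() {
    printf '%s\n' "$1" | sed -n 's/^fontconfig version \([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# version_compare A B
# Compares two dotted numeric versions component by component.
# Prints -1 if A < B, 0 if equal, 1 if A > B. Missing components count as 0,
# so 2.4 and 2.4.0 compare equal while 2.4.2 > 2.4.
version_compare() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ai="${a%%.*}"; bi="${b%%.*}"
        [ -z "$ai" ] && ai=0
        [ -z "$bi" ] && bi=0
        if [ "$ai" -lt "$bi" ]; then printf '%s\n' -1; return; fi
        if [ "$ai" -gt "$bi" ]; then printf '%s\n' 1; return; fi
        case "$a" in *.*) a="${a#*.}";; *) a="";; esac
        case "$b" in *.*) b="${b#*.}";; *) b="";; esac
    done
    printf '%s\n' 0
}

# fontconfig_needs_reinstall OUTPUT
# Succeeds (exit 0) when the reported version is older than the expected one
# or cannot be parsed at all; fails (exit 1) when the install is fine.
fontconfig_needs_reinstall() {
    v=$(fontconfig_version_from_output "$1")
    [ -z "$v" ] && return 0
    [ "$(version_compare "$v" "$EXPECTED_FONTCONFIG_VERSION")" -lt 0 ]
}

# Constructed sample outputs: a healthy install, and one where an old
# fc-cache shipped in the x11 package replaced the 2.4.2 binary.
SAMPLE_OK="fontconfig version 2.4.2"
SAMPLE_OLD="fontconfig version 2.2.3"

for sample in "$SAMPLE_OK" "$SAMPLE_OLD"; do
    if fontconfig_needs_reinstall "$sample"; then
        printf '%s -> reinstall: upgradepkg --reinstall fontconfig-2.4.2-i486-1_slack11.0.tgz\n' "$sample"
    else
        printf '%s -> OK\n' "$sample"
    fi
done

# Live check, only when an fc-cache binary exists on this host.
if command -v fc-cache >/dev/null 2>&1; then
    if fontconfig_needs_reinstall "$(fc-cache --version 2>&1)"; then
        printf 'installed fc-cache is older than %s\n' "$EXPECTED_FONTCONFIG_VERSION"
    fi
fi
```

The decision is deliberately "reinstall unless proven current": an unparseable fc-cache --version is treated the same as an old one, because a binary that cannot report its version is exactly the failure the advisory describes.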