Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 312 articles for you...
217

Oracle Linux 8 libsoup Security Update ELSA-2026-2215 CVE-2026-0719

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-2215 http://linux.oracle.com/errata/ELSA-2026-2215.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: libsoup-2.62.3-13.el8_10.i686.rpm libsoup-2.62.3-13.el8_10.x86_64.rpm libsoup-devel-2.62.3-13.el8_10.i686.rpm libsoup-devel-2.62.3-13.el8_10.x86_64.rpm aarch64: libsoup-2.62.3-13.el8_10.aarch64.rpm libsoup-devel-2.62.3-13.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/libsoup-2.62.3-13.el8_10.src.rpm Related CVEs: CVE-2026-0719 CVE-2026-1761 Description of changes: [2.62.3-13] - Backport patch for CVE-2026-1761 [2.62.3-12] - Backport patch for CVE-2026-0719 - Fix NTLM authentication test failures in FIPS mode _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Updated libsoup packages for Oracle Linux 8 address important security issues. Check the advisory for details.. Oracle Linux 8, libsoup updates, Important security advisory, package management. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Feb 11, 2026 Important Oracle
100

SUSE: Critical Privilege Escalation Vulnerabilities CVE-2025-32462,32463

* bsc#1245274 * bsc#1245275 Cross-References: * CVE-2025-32462 . # Security update for sudo Announcement ID: SUSE-SU-2025:20489-1 Release Date: 2025-07-10T12:53:42Z Rating: important References: * bsc#1245274 * bsc#1245275 Cross-References: * CVE-2025-32462 * CVE-2025-32463 CVSS scores: * CVE-2025-32462 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-32462 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-32462 ( NVD ): 2.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N * CVE-2025-32462 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2025-32463 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-32463 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-32463 ( NVD ): 9.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H * CVE-2025-32463 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Micro 6.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for sudo fixes the following issues: * CVE-2025-32462: Fix a possible local privilege escalation via the --host option (bsc#1245274) * CVE-2025-32463: Fix a possible local privilege Escalation via chroot option (bsc#1245275) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.0 zypper in -t patch SUSE-SLE-Micro-6.0-378=1 ## Package List: * SUSE Linux Micro 6.0 (aarch64 s390x x86_64) * sudo-debugsource-1.9.15p5-2.1 * sudo-1.9.15p5-2.1 * sudo-debuginfo-1.9.15p5-2.1 ## References: * https://www.suse.com/security/cve/CVE-2025-32462.html * https://www.suse.com/security/cve/CVE-2025-32463.html * https://bugzilla.suse.com/show_bug.cgi?id=1245274 *https://bugzilla.suse.com/show_bug.cgi?id=1245275 . Essential SUSE upgrade for sudo tackles local privilege elevation vulnerabilities with two CVE resolutions and suggested updates.. SUSE, sudo, local escalation, security patch, CVE fixes. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 25, 2025 Critical SuSE
202

openSUSE: 2025:1369-1 important: ruby2.5 security fixes for DoS

An update that solves three vulnerabilities and has one security fix can now be installed.. # Security update for ruby2.5 Announcement ID: SUSE-SU-2025:1369-1 Release Date: 2025-04-24T17:12:13Z Rating: important References: * bsc#1230930 * bsc#1235773 * bsc#1237804 * bsc#1237806 Cross-References: * CVE-2024-47220 * CVE-2025-27219 * CVE-2025-27220 CVSS scores: * CVE-2024-47220 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-47220 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N * CVE-2024-47220 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-27219 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-27219 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-27219 ( NVD ): 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L * CVE-2025-27219 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-27220 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-27220 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-27220 ( NVD ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L * CVE-2025-27220 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE LinuxEnterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for ruby2.5 fixes the following issues: * CVE-2025-27219: Fixed denial of service in CGI::Cookie.parse (bsc#1237804) * CVE-2025-27220: Fixed ReDoS in CGI::Util#escapeElement (bsc#1237806) Other fixes: \- Improved fix for CVE-2024-47220 (bsc#1230930, bsc#1235773) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1369=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1369=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1369=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1369=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1369=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-1369=1 * SUSE Manager Server 4.3 zypper in -t patchSUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1369=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-1369=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1369=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1369=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1369=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1369=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1369=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1369=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1369=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1369=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1369=1 ## Package List: * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * ruby2.5-devel-extra-2.5.9-150000.4.41.1 * ruby2.5-stdlib-2.5.9-150000.4.41.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-2.5.9-150000.4.41.1 * ruby2.5-debugsource-2.5.9-150000.4.41.1 * ruby2.5-debuginfo-2.5.9-150000.4.41.1 * ruby2.5-devel-2.5.9-150000.4.41.1 * ruby2.5-2.5.9-150000.4.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * ruby2.5-devel-extra-2.5.9-150000.4.41.1 * ruby2.5-stdlib-2.5.9-150000.4.41.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-2.5.9-150000.4.41.1 *ruby2.5-debugsource-2.5.9-150000.4.41.1 * ruby2.5-debuginfo-2.5.9-150000.4.41.1 * ruby2.5-devel-2.5.9-150000.4.41.1 * ruby2.5-2.5.9-150000.4.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * ruby2.5-devel-extra-2.5.9-150000.4.41.1 * ruby2.5-stdlib-2.5.9-150000.4.41.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-2.5.9-150000.4.41.1 * ruby2.5-debugsource-2.5.9-150000.4.41.1 * ruby2.5-debuginfo-2.5.9-150000.4.41.1 * ruby2.5-devel-2.5.9-150000.4.41.1 * ruby2.5-2.5.9-150000.4.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * ruby2.5-devel-extra-2.5.9-150000.4.41.1 * ruby2.5-stdlib-2.5.9-150000.4.41.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-2.5.9-150000.4.41.1 * ruby2.5-debugsource-2.5.9-150000.4.41.1 * ruby2.5-debuginfo-2.5.9-150000.4.41.1 * ruby2.5-devel-2.5.9-150000.4.41.1 * ruby2.5-2.5.9-150000.4.41.1 * SUSE Manager Proxy 4.3 (x86_64) * ruby2.5-devel-extra-2.5.9-150000.4.41.1 * ruby2.5-stdlib-2.5.9-150000.4.41.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-2.5.9-150000.4.41.1 * ruby2.5-debugsource-2.5.9-150000.4.41.1 * ruby2.5-debuginfo-2.5.9-150000.4.41.1 * ruby2.5-devel-2.5.9-150000.4.41.1 * ruby2.5-2.5.9-150000.4.41.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * ruby2.5-devel-extra-2.5.9-150000.4.41.1 * ruby2.5-stdlib-2.5.9-150000.4.41.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-2.5.9-150000.4.41.1 * ruby2.5-debugsource-2.5.9-150000.4.41.1 * ruby2.5-debuginfo-2.5.9-150000.4.41.1 * ruby2.5-devel-2.5.9-150000.4.41.1 * ruby2.5-2.5.9-150000.4.41.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) *ruby2.5-devel-extra-2.5.9-150000.4.41.1 * ruby2.5-stdlib-2.5.9-150000.4.41.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-2.5.9-150000.4.41.1 * ruby2.5-debugsource-2.5.9-150000.4.41.1 * ruby2.5-debuginfo-2.5.9-150000.4.41.1 * ruby2.5-devel-2.5.9-150000.4.41.1 * ruby2.5-2.5.9-150000.4.41.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * ruby2.5-devel-extra-2.5.9-150000.4.41.1 * ruby2.5-stdlib-2.5.9-150000.4.41.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-2.5.9-150000.4.41.1 * ruby2.5-debugsource-2.5.9-150000.4.41.1 * ruby2.5-debuginfo-2.5.9-150000.4.41.1 * ruby2.5-devel-2.5.9-150000.4.41.1 * ruby2.5-2.5.9-150000.4.41.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * ruby2.5-devel-extra-2.5.9-150000.4.41.1 * ruby2.5-stdlib-2.5.9-150000.4.41.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-2.5.9-150000.4.41.1 * ruby2.5-debugsource-2.5.9-150000.4.41.1 * ruby2.5-debuginfo-2.5.9-150000.4.41.1 * ruby2.5-doc-2.5.9-150000.4.41.1 * ruby2.5-devel-2.5.9-150000.4.41.1 * ruby2.5-2.5.9-150000.4.41.1 * openSUSE Leap 15.6 (noarch) * ruby2.5-doc-ri-2.5.9-150000.4.41.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * ruby2.5-devel-extra-2.5.9-150000.4.41.1 * ruby2.5-stdlib-2.5.9-150000.4.41.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-2.5.9-150000.4.41.1 * ruby2.5-debugsource-2.5.9-150000.4.41.1 * ruby2.5-debuginfo-2.5.9-150000.4.41.1 * ruby2.5-devel-2.5.9-150000.4.41.1 * ruby2.5-2.5.9-150000.4.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * ruby2.5-devel-extra-2.5.9-150000.4.41.1 * ruby2.5-stdlib-2.5.9-150000.4.41.1 *ruby2.5-stdlib-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-2.5.9-150000.4.41.1 * ruby2.5-debugsource-2.5.9-150000.4.41.1 * ruby2.5-debuginfo-2.5.9-150000.4.41.1 * ruby2.5-devel-2.5.9-150000.4.41.1 * ruby2.5-2.5.9-150000.4.41.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * ruby2.5-devel-extra-2.5.9-150000.4.41.1 * ruby2.5-stdlib-2.5.9-150000.4.41.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-2.5.9-150000.4.41.1 * ruby2.5-debugsource-2.5.9-150000.4.41.1 * ruby2.5-debuginfo-2.5.9-150000.4.41.1 * ruby2.5-devel-2.5.9-150000.4.41.1 * ruby2.5-2.5.9-150000.4.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * ruby2.5-devel-extra-2.5.9-150000.4.41.1 * ruby2.5-stdlib-2.5.9-150000.4.41.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-2.5.9-150000.4.41.1 * ruby2.5-debugsource-2.5.9-150000.4.41.1 * ruby2.5-debuginfo-2.5.9-150000.4.41.1 * ruby2.5-devel-2.5.9-150000.4.41.1 * ruby2.5-2.5.9-150000.4.41.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * ruby2.5-devel-extra-2.5.9-150000.4.41.1 * ruby2.5-stdlib-2.5.9-150000.4.41.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-2.5.9-150000.4.41.1 * ruby2.5-debugsource-2.5.9-150000.4.41.1 * ruby2.5-debuginfo-2.5.9-150000.4.41.1 * ruby2.5-devel-2.5.9-150000.4.41.1 * ruby2.5-2.5.9-150000.4.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * ruby2.5-devel-extra-2.5.9-150000.4.41.1 * ruby2.5-stdlib-2.5.9-150000.4.41.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.41.1 *libruby2_5-2_5-2.5.9-150000.4.41.1 * ruby2.5-debugsource-2.5.9-150000.4.41.1 * ruby2.5-debuginfo-2.5.9-150000.4.41.1 * ruby2.5-devel-2.5.9-150000.4.41.1 * ruby2.5-2.5.9-150000.4.41.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * ruby2.5-devel-extra-2.5.9-150000.4.41.1 * ruby2.5-stdlib-2.5.9-150000.4.41.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-2.5.9-150000.4.41.1 * ruby2.5-debugsource-2.5.9-150000.4.41.1 * ruby2.5-debuginfo-2.5.9-150000.4.41.1 * ruby2.5-devel-2.5.9-150000.4.41.1 * ruby2.5-2.5.9-150000.4.41.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * ruby2.5-devel-extra-2.5.9-150000.4.41.1 * ruby2.5-stdlib-2.5.9-150000.4.41.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.41.1 * libruby2_5-2_5-2.5.9-150000.4.41.1 * ruby2.5-debugsource-2.5.9-150000.4.41.1 * ruby2.5-debuginfo-2.5.9-150000.4.41.1 * ruby2.5-devel-2.5.9-150000.4.41.1 * ruby2.5-2.5.9-150000.4.41.1 ## References: * https://www.suse.com/security/cve/CVE-2024-47220.html * https://www.suse.com/security/cve/CVE-2025-27219.html * https://www.suse.com/security/cve/CVE-2025-27220.html * https://bugzilla.suse.com/show_bug.cgi?id=1230930 * https://bugzilla.suse.com/show_bug.cgi?id=1235773 * https://bugzilla.suse.com/show_bug.cgi?id=1237804 * https://bugzilla.suse.com/show_bug.cgi?id=1237806 . Essential security patch released for ruby2.5 in openSUSE, tackling various risks and vulnerabilities thoroughly.. ruby2.5 update, openSUSE security, ruby vulnerabilities, patch management, denial of service fix. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Apr 24, 2025 Important OpenSUSE
89

Fedora 40: 2025-a778f51bce Security Advisory for man2html Updates

Refresh patches Add -std=gnu17 to CFLAGS to fix the build 042-man2html-CVE-2021-40647.patch Add more patches from Debian. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-a778f51bce 2025-03-07 03:41:49.695819+00:00 -------------------------------------------------------------------------------- Name : man2html Product : Fedora 40 Version : 1.6 Release : 39.g.fc40 URL : Summary : Convert man pages to HTML - CGI scripts Description : man2html is a man page to HTML converter. This package contains CGI scripts that allow you to view, browse, and search man pages using a web server. -------------------------------------------------------------------------------- Update Information: Refresh patches Add -std=gnu17 to CFLAGS to fix the build 042-man2html-CVE-2021-40647.patch Add more patches from Debian -------------------------------------------------------------------------------- ChangeLog: * Wed Feb 26 2025 Sérgio Basto - 1.6-39.g - Add more patches from Debian 004-spelling.patch 011-man2html-doctype-status.patch 012-man2html-TH.patch 013-man2html-file-link.patch 030-man2html-man-hyphens.patch 032-man2html-man-remove-LO-tags.patch 034-UTF8-charset.patch 036-fix-tbl-font-parsing.patch 037-man2html-Nm-and-Bk-mdoc.patch 038-man2html-colon-escape-sequence.patch 042-man2html-CVE-2021-40647.patch 043-man2html-fix-asan-issues.patch man2html-ungzip.patch rename to 024-man2html-uncompress.patch * Tue Feb 25 2025 Sérgio Basto - 1.6-38.g - Add -std=gnu17 to CFLAGS to fix the build * Fri Jan 17 2025 Fedora Release Engineering - 1.6-37.g - Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild * Thu Jul 18 2024 Fedora Release Engineering - 1.6-36.g - Rebuilt forhttps://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2126814 - CVE-2021-40647 man2html: sys-apps/man2html: multiple vulnerabilities [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2126814 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-a778f51bce' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- . Ubuntu 22.04 update addresses CUPS privacy issues with code enhancements and system optimizations for better usability. Fedora 40 man2html update, security patches, build adjustments. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Mar 07, 2025 Important Fedora
99

Slackware 15.0: 2025-036-01 critical: curl security issues resolved

New curl packages are available for Slackware 15.0 and -current to fix security issues. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] curl (SSA:2025-036-01) New curl packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/curl-8.12.0-i586-1_slack15.0.txz: Upgraded. This release fixes the following security issues: gzip integer overflow eventfd double close netrc and default credential leak For more information, see: https://curl.se/docs/CVE-2025-0725.html https://curl.se/docs/CVE-2025-0665.html https://curl.se/docs/CVE-2025-0167.html https://www.cve.org/CVERecord?id=CVE-2025-0725 https://www.cve.org/CVERecord?id=CVE-2025-0665 https://www.cve.org/CVERecord?id=CVE-2025-0167 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/curl-8.12.0-i586-1_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/curl-8.12.0-x86_64-1_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/curl-8.12.0-i686-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/curl-8.12.0-x86_64-1.txz MD5 signatures: +-------------+ Slackware 15.0 package: c95c2441f88525aca101a560b756abe4 curl-8.12.0-i586-1_slack15.0.txz Slackware x86_64 15.0 package: 63cdb7478aee72014108e955ab4f0e3e curl-8.12.0-x86_64-1_slack15.0.txz Slackware -currentpackage: 6bae28f544f54160e06c4b86b0faaa2d n/curl-8.12.0-i686-1.txz Slackware x86_64 -current package: 8b9ccf398ab7a9e4527ecdca6f6a0970 n/curl-8.12.0-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg curl-8.12.0-i586-1_slack15.0.txz +-----+ . Boost your Slackware setup by upgrading to the latest curl packages. This step is crucial for addressing serious security vulnerabilities and ensuring system integrity. curl packages, Slackware updates, security fixes, software updates. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Feb 05, 2025 Critical Slackware
100

SUSE: 2024:1208-1 Critical: Security Flaw In Linux Kernel Live Update

* bsc#1219296 Cross-References: * CVE-2023-52340 . # Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:1207-1 Rating: important References: * bsc#1219296 Cross-References: * CVE-2023-52340 CVSS scores: * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_150 fixes one issue. The following security issue was fixed: * CVE-2023-52340: Fixed ICMPv6 “Packet Too Big” packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-1219=1 SUSE-SLE-Live- Patching-12-SP5-2024-1207=1 SUSE-SLE-Live-Patching-12-SP5-2024-1208=1 SUSE-SLE- Live-Patching-12-SP5-2024-1209=1 SUSE-SLE-Live-Patching-12-SP5-2024-1210=1 SUSE- SLE-Live-Patching-12-SP5-2024-1211=1SUSE-SLE-Live-Patching-12-SP5-2024-1212=1 SUSE-SLE-Live-Patching-12-SP5-2024-1213=1 SUSE-SLE-Live- Patching-12-SP5-2024-1214=1 SUSE-SLE-Live-Patching-12-SP5-2024-1215=1 SUSE-SLE- Live-Patching-12-SP5-2024-1216=1 SUSE-SLE-Live-Patching-12-SP5-2024-1217=1 SUSE- SLE-Live-Patching-12-SP5-2024-1218=1 * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1227=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1247=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1247=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_165-default-9-2.1 * kgraft-patch-4_12_14-122_179-default-6-2.1 * kgraft-patch-4_12_14-122_150-default-14-2.2 * kgraft-patch-4_12_14-122_153-default-12-2.1 * kgraft-patch-4_12_14-122_176-default-7-2.1 * kgraft-patch-4_12_14-122_173-default-8-2.1 * kgraft-patch-4_12_14-122_194-default-3-2.1 * kgraft-patch-4_12_14-122_189-default-4-2.1 * kgraft-patch-4_12_14-122_183-default-6-2.1 * kgraft-patch-4_12_14-122_186-default-5-2.1 * kgraft-patch-4_12_14-122_162-default-10-2.1 * kgraft-patch-4_12_14-122_156-default-12-2.1 * kgraft-patch-4_12_14-122_159-default-11-2.1 * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP2_Update_45-debugsource-4-150200.2.1 * kernel-livepatch-5_3_18-150200_24_178-default-4-150200.2.1 * kernel-livepatch-5_3_18-150200_24_178-default-debuginfo-4-150200.2.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_150-default-4-150300.2.1 * kernel-livepatch-5_3_18-150300_59_150-default-debuginfo-4-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_41-debugsource-4-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_150-preempt-4-150300.2.1 *kernel-livepatch-5_3_18-150300_59_150-preempt-debuginfo-4-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_150-default-4-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52340.html * https://bugzilla.suse.com/show_bug.cgi?id=1219296 . Important SUSE Linux Kernel patch issued addressing a significant Denial of Service vulnerability concerning ICMPv6 packets across multiple distributions.. SUSE Linux Kernel, Live Patch, Security Issue, DoS Protection, Linux Security Update. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Apr 11, 2024 Critical SuSE
100

SUSE: 2024:92-1 low: bci/dotnet-sdk tar security update

The container bci/dotnet-sdk was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/dotnet-sdk ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:92-1 Container Tags : bci/dotnet-sdk:6.0 , bci/dotnet-sdk:6.0-18.1 , bci/dotnet-sdk:6.0.25 , bci/dotnet-sdk:6.0.25-18.1 Container Release : 18.1 Severity : low Type : security References : 1217969 CVE-2023-39804 ----------------------------------------------------------------- The container bci/dotnet-sdk was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:70-1 Released: Tue Jan 9 18:29:39 2024 Summary: Security update for tar Type: security Severity: low References: 1217969,CVE-2023-39804 This update for tar fixes the following issues: - CVE-2023-39804: Fixed extension attributes in PAX archives incorrect hanling (bsc#1217969). The following package changes have been done: - tar-1.34-150000.3.34.1 updated - container:sles15-image-15.0.0-36.5.71 updated . SUSE Container Security Alert regarding bci/python modifications addresses slight weaknesses in zip. Keep your environments protected!. bci/dotnet-sdk, container updates, tar security patches. . Severity: Low. LinuxSecurity.com Team

Calendar%202 Jan 10, 2024 Low SuSE
100

SUSE: 2023:4254-1 moderate: postgres security update advisory

The container suse/postgres was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/postgres ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:4254-1 Container Tags : suse/postgres:16 , suse/postgres:16-2.13 , suse/postgres:16.1 , suse/postgres:16.1-2.13 , suse/postgres:latest Container Release : 2.13 Severity : moderate Type : security References : 1201384 1218014 CVE-2023-50495 ----------------------------------------------------------------- The container suse/postgres was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:4891-1 Released: Mon Dec 18 16:31:49 2023 Summary: Security update for ncurses Type: security Severity: moderate References: 1201384,1218014,CVE-2023-50495 This update for ncurses fixes the following issues: - CVE-2023-50495: Fixed a segmentation fault via _nc_wrap_entry() (bsc#1218014) - Modify reset command to avoid altering clocal if the terminal uses a modem (bsc#1201384) The following package changes have been done: - libncurses6-6.1-150000.5.20.1 updated - terminfo-base-6.1-150000.5.20.1 updated - ncurses-utils-6.1-150000.5.20.1 updated - container:sles15-image-15.0.0-36.5.67 updated . SUSE Container Advisory for suse/postgres includes patches for moderate security issues and enhancements.. SUSE Container Update,SUSE/Postgres Security Update,Moderate Security Advisory. . LinuxSecurity.com Team

Calendar%202 Dec 22, 2023 SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200