Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 523
Alerts This Week
Warning Icon 1 523

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 72 articles for you...
172

Ubuntu 20.04 LTS Linux Kernel Important Privilege Escalation Fix USN-8439-1

Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-8439-1 June 16, 2026 linux-oracle-5.15 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-oracle-5.15: Linux kernel for Oracle Cloud systems Details: Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-2640) Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-32629) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - NVME drivers; - SMB network file system; - Netfilter; - io_uring subsystem; (CVE-2024-35862, CVE-2024-50060, CVE-2026-23112, CVE-2026-23273, CVE-2026-23274, CVE-2026-23351) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS linux-image-5.15.0-1104-oracle 5.15.0-1104.110~20.04.1 Available with Ubuntu Pro linux-image-oracle 5.15.0.1104.110~20.04.1 Available with Ubuntu Pro linux-image-oracle-5.15 5.15.0.1104.110~20.04.1 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessarychanges. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-8439-1 CVE-2023-2640, CVE-2023-32629, CVE-2024-35862, CVE-2024-50060, CVE-2026-23112, CVE-2026-23273, CVE-2026-23274, CVE-2026-23351 . Updates for Ubuntu 20.04 LTS fix kernel security flaws, addressing critical permission issues and potential exploits.. Ubuntu kernel patch, security update Ubuntu, local attack prevention. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jun 16, 2026 Critical Ubuntu
172

Ubuntu 22.04 LTS Kernel Access Issues Identified in USN-8255-1 Alert

Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-8255-1 May 07, 2026 linux, linux-aws, linux-aws-5.15, linux-aws-fips, linux-azure, linux-azure-fips, linux-fips, linux-gcp, linux-gcp-fips, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iot-realtime, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-nvidia-tegra, linux-nvidia-tegra-igx, linux-oracle, linux-realtime vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-aws-fips: Linux kernel for Amazon Web Services (AWS) systems with FIPS - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-azure-fips: Linux kernel for Microsoft Azure Cloud systems with FIPS - linux-fips: Linux kernel with FIPS - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-gcp-fips: Linux kernel for Google Cloud Platform (GCP) systems with FIPS - linux-gke: Linux kernel for Google Container Engine (GKE) systems - linux-gkeop: Linux kernel for Google Container Engine (GKE) systems - linux-ibm: Linux kernel for IBM cloud systems - linux-intel-iot-realtime: Linux kernel for Intel IoT Real-time platforms - linux-intel-iotg: Linux kernel for Intel IoT platforms - linux-kvm: Linux kernel for cloud environments - linux-lowlatency: Linux low latency kernel - linux-nvidia: Linux kernel for NVIDIA systems - linux-nvidia-tegra: Linux kernel for NVIDIA Tegra systems - linux-nvidia-tegra-igx: Linux kernel for NVIDIA Tegra IGX systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-realtime: Linux kernel for Real-timesystems - linux-aws-5.15: Linux kernel for Amazon Web Services (AWS) systems - linux-hwe-5.15: Linux hardware enablement (HWE) kernel - linux-ibm-5.15: Linux kernel for IBM cloud systems - linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms - linux-lowlatency-hwe-5.15: Linux low latency kernel Details: Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-2640) Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. (CVE-2023-32629) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - NVME drivers; (CVE-2026-23112, CVE-2026-23273) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS linux-image-5.15.0-1047-nvidia-tegra-igx 5.15.0-1047.47 linux-image-5.15.0-1047-nvidia-tegra-igx-rt 5.15.0-1047.47 linux-image-5.15.0-1058-nvidia-tegra 5.15.0-1058.58 linux-image-5.15.0-1058-nvidia-tegra-rt 5.15.0-1058.58 linux-image-5.15.0-1089-gkeop 5.15.0-1089.97 linux-image-5.15.0-1098-intel-iot-realtime 5.15.0-1098.100 Available with Ubuntu Pro linux-image-5.15.0-1098-kvm 5.15.0-1098.103 linux-image-5.15.0-1100-ibm 5.15.0-1100.103 linux-image-5.15.0-1101-intel-iotg 5.15.0-1101.107 linux-image-5.15.0-1101-nvidia 5.15.0-1101.102 linux-image-5.15.0-1101-nvidia-lowlatency 5.15.0-1101.102 linux-image-5.15.0-1102-gke 5.15.0-1102.108 linux-image-5.15.0-1103-oracle 5.15.0-1103.109 linux-image-5.15.0-1105-realtime 5.15.0-1105.114 Available with Ubuntu Pro linux-image-5.15.0-1106-aws 5.15.0-1106.113 linux-image-5.15.0-1106-aws-64k 5.15.0-1106.113 linux-image-5.15.0-1106-aws-fips 5.15.0-1106.113+fips1 Available with Ubuntu Pro linux-image-5.15.0-1106-gcp 5.15.0-1106.115 linux-image-5.15.0-1106-gcp-fips 5.15.0-1106.115+fips1 Available with Ubuntu Pro linux-image-5.15.0-1111-azure 5.15.0-1111.120 linux-image-5.15.0-1111-azure-fips 5.15.0-1111.120+fips1 Available with Ubuntu Pro linux-image-5.15.0-177-fips 5.15.0-177.187+fips1 Available with Ubuntu Pro linux-image-5.15.0-177-generic 5.15.0-177.187 linux-image-5.15.0-177-generic-64k 5.15.0-177.187 linux-image-5.15.0-177-generic-lpae 5.15.0-177.187 linux-image-5.15.0-177-lowlatency 5.15.0-177.187 linux-image-5.15.0-177-lowlatency-64k 5.15.0-177.187 linux-image-aws-5.15 5.15.0.1106.109 linux-image-aws-64k-5.15 5.15.0.1106.109 linux-image-aws-64k-lts-22.04 5.15.0.1106.109 linux-image-aws-fips 5.15.0.1106.102 Available with Ubuntu Pro linux-image-aws-fips-5.15 5.15.0.1106.102 Available with Ubuntu Pro linux-image-aws-lts-22.04 5.15.0.1106.109 linux-image-azure-5.15 5.15.0.1111.109 linux-image-azure-fips 5.15.0.1111.96 Available with Ubuntu Pro linux-image-azure-fips-5.15 5.15.0.1111.96 Available with Ubuntu Pro linux-image-azure-lts-22.04 5.15.0.1111.109 linux-image-fips 5.15.0.177.103 Available with Ubuntu Pro linux-image-fips-5.15 5.15.0.177.103 Available with Ubuntu Pro linux-image-gcp-5.15 5.15.0.1106.102 linux-image-gcp-fips 5.15.0.1106.96 Available with Ubuntu Pro linux-image-gcp-fips-5.15 5.15.0.1106.96 Available with Ubuntu Pro linux-image-gcp-lts-22.04 5.15.0.1106.102 linux-image-generic 5.15.0.177.162 linux-image-generic-5.15 5.15.0.177.162 linux-image-generic-64k 5.15.0.177.162 linux-image-generic-64k-5.15 5.15.0.177.162 linux-image-generic-lpae 5.15.0.177.162 linux-image-generic-lpae-5.15 5.15.0.177.162 linux-image-gke 5.15.0.1102.101 linux-image-gke-5.15 5.15.0.1102.101 linux-image-gkeop 5.15.0.1089.88 linux-image-gkeop-5.15 5.15.0.1089.88 linux-image-ibm 5.15.0.1100.96 linux-image-ibm-5.15 5.15.0.1100.96 linux-image-intel-iot-realtime 5.15.0.1098.102 Available with Ubuntu Pro linux-image-intel-iot-realtime-5.15 5.15.0.1098.102 Available with Ubuntu Pro linux-image-intel-iotg 5.15.0.1101.100 linux-image-intel-iotg-5.15 5.15.0.1101.100 linux-image-kvm 5.15.0.1098.94 linux-image-kvm-5.15 5.15.0.1098.94 linux-image-lowlatency 5.15.0.177.149 linux-image-lowlatency-5.15 5.15.0.177.149 linux-image-lowlatency-64k 5.15.0.177.149 linux-image-lowlatency-64k-5.15 5.15.0.177.149 linux-image-nvidia 5.15.0.1101.101 linux-image-nvidia-5.15 5.15.0.1101.101 linux-image-nvidia-lowlatency 5.15.0.1101.101 linux-image-nvidia-lowlatency-5.15 5.15.0.1101.101 linux-image-nvidia-tegra 5.15.0.1058.58 linux-image-nvidia-tegra-5.15 5.15.0.1058.58 linux-image-nvidia-tegra-igx 5.15.0.1047.49 linux-image-nvidia-tegra-igx-5.15 5.15.0.1047.49 linux-image-nvidia-tegra-igx-rt 5.15.0.1047.49 linux-image-nvidia-tegra-igx-rt-5.15 5.15.0.1047.49 linux-image-nvidia-tegra-rt 5.15.0.1058.58 linux-image-nvidia-tegra-rt-5.15 5.15.0.1058.58 linux-image-oracle-5.15 5.15.0.1103.99 linux-image-oracle-lts-22.04 5.15.0.1103.99 linux-image-realtime 5.15.0.1105.109 Available with Ubuntu Pro linux-image-realtime-5.15 5.15.0.1105.109 Available with Ubuntu Pro linux-image-virtual 5.15.0.177.162 linux-image-virtual-5.15 5.15.0.177.162 Ubuntu 20.04 LTS linux-image-5.15.0-1100-ibm 5.15.0-1100.103~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-1101-intel-iotg 5.15.0-1101.107~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-1106-aws 5.15.0-1106.113~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-177-generic 5.15.0-177.187~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-177-generic-64k 5.15.0-177.187~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-177-generic-lpae 5.15.0-177.187~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-177-lowlatency 5.15.0-177.187~20.04.1 Available with Ubuntu Pro linux-image-5.15.0-177-lowlatency-64k 5.15.0-177.187~20.04.1 Available with Ubuntu Pro linux-image-aws 5.15.0.1106.113~20.04.1 Available with Ubuntu Pro linux-image-aws-5.15 5.15.0.1106.113~20.04.1 Available with Ubuntu Pro linux-image-generic-5.15 5.15.0.177.187~20.04.1 Available with Ubuntu Pro linux-image-generic-64k-5.15 5.15.0.177.187~20.04.1 Available with Ubuntu Pro linux-image-generic-64k-hwe-20.04 5.15.0.177.187~20.04.1 Available with Ubuntu Pro linux-image-generic-hwe-20.04 5.15.0.177.187~20.04.1 Available with Ubuntu Pro linux-image-generic-lpae-5.15 5.15.0.177.187~20.04.1 Available with Ubuntu Pro linux-image-generic-lpae-hwe-20.04 5.15.0.177.187~20.04.1 Available with Ubuntu Pro linux-image-ibm 5.15.0.1100.103~20.04.1 Available with Ubuntu Pro linux-image-ibm-5.15 5.15.0.1100.103~20.04.1 Available with Ubuntu Pro linux-image-intel 5.15.0.1101.107~20.04.1 Available with Ubuntu Pro linux-image-intel-iotg 5.15.0.1101.107~20.04.1 Available with Ubuntu Pro linux-image-intel-iotg-5.15 5.15.0.1101.107~20.04.1 Available with Ubuntu Pro linux-image-lowlatency-5.15 5.15.0.177.187~20.04.1 Available with Ubuntu Pro linux-image-lowlatency-64k-5.15 5.15.0.177.187~20.04.1 Available with Ubuntu Pro linux-image-lowlatency-64k-hwe-20.04 5.15.0.177.187~20.04.1 Available with Ubuntu Pro linux-image-lowlatency-hwe-20.04 5.15.0.177.187~20.04.1 Available with Ubuntu Pro linux-image-oem-20.04 5.15.0.177.187~20.04.1 Available with Ubuntu Pro linux-image-oem-20.04b 5.15.0.177.187~20.04.1 Available with Ubuntu Pro linux-image-oem-20.04c 5.15.0.177.187~20.04.1 Available with Ubuntu Pro linux-image-oem-20.04d 5.15.0.177.187~20.04.1 Available with Ubuntu Pro linux-image-virtual-5.15 5.15.0.177.187~20.04.1 Available with Ubuntu Pro linux-image-virtual-hwe-20.04 5.15.0.177.187~20.04.1 Availablewith Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-8255-1 CVE-2023-2640, CVE-2023-32629, CVE-2026-23112, CVE-2026-23273 Package Information: https://launchpad.net/ubuntu/+source/linux/5.15.0-177.187 https://launchpad.net/ubuntu/+source/linux-aws/5.15.0-1106.113 https://launchpad.net/ubuntu/+source/linux-aws-fips/5.15.0-1106.113+fips1 https://launchpad.net/ubuntu/+source/linux-azure/5.15.0-1111.120 https://launchpad.net/ubuntu/+source/linux-azure-fips/5.15.0-1111.120+fips1 https://launchpad.net/ubuntu/+source/linux-fips/5.15.0-177.187+fips1 https://launchpad.net/ubuntu/+source/linux-gcp/5.15.0-1106.115 https://launchpad.net/ubuntu/+source/linux-gcp-fips/5.15.0-1106.115+fips1 https://launchpad.net/ubuntu/+source/linux-gke/5.15.0-1102.108 https://launchpad.net/ubuntu/+source/linux-gkeop/5.15.0-1089.97 https://launchpad.net/ubuntu/+source/linux-ibm/5.15.0-1100.103 https://launchpad.net/ubuntu/+source/linux-intel-iot-realtime/5.15.0-1098.100 https://launchpad.net/ubuntu/+source/linux-intel-iotg/5.15.0-1101.107 https://launchpad.net/ubuntu/+source/linux-kvm/5.15.0-1098.103 https://launchpad.net/ubuntu/+source/linux-lowlatency/5.15.0-177.187 https://launchpad.net/ubuntu/+source/linux-nvidia/5.15.0-1101.102 https://launchpad.net/ubuntu/+source/linux-nvidia-tegra/5.15.0-1058.58 https://launchpad.net/ubuntu/+source/linux-nvidia-tegra-igx/5.15.0-1047.47 https://launchpad.net/ubuntu/+source/linux-oracle/5.15.0-1103.109 https://launchpad.net/ubuntu/+source/linux-realtime/5.15.0-1105.114 . Discover critical security updates for Ubuntu kernel fixing local privilege escalation issues and enhancing security.. Ubuntu Kernel Updates, Security Issues, Permission Vulnerabilities, Linux Kernel Security. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 May 07, 2026 Critical Ubuntu
100

SUSE PostgreSQL15 Notable RAM Usage Issues SUSE-SU-2026-22100-5

An update that solves two vulnerabilities can now be installed.. # Security update for postgresql13 Announcement ID: SUSE-SU-2026:20986-1 Release Date: 2026-03-30T15:14:07Z Rating: important References: * bsc#1253332 * bsc#1253333 Cross-References: * CVE-2025-12817 * CVE-2025-12818 CVSS scores: * CVE-2025-12817 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-12817 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2025-12817 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-12818 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-12818 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-12818 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server - BCI 16.0 An update that solves two vulnerabilities can now be installed. ## Description: This update for postgresql13 fixes the following issues: Security fixes: * CVE-2025-12817: Fixed missing check for CREATE privileges on the schema in CREATE STATISTICS allowed table owners to create statistics in any schema, potentially leading to unexpected naming conflicts (bsc#1253332) * CVE-2025-12818: Fixed several places in libpq were not sufficiently careful about computing the required size of a memory allocation. Sufficiently large inputs could cause integer overflow, resulting in an undersized buffer, which would then lead to writing past the end of the buffer (bsc#1253333) Other fixes: * Update to 13.23 * https://www.postgresql.org/about/news/p-3171/ * https://www.postgresql.org/docs/release/13.23 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server - BCI 16.0 zypper in -t patchSUSE-SLES-16.0-467=1 ## Package List: * SUSE Linux Enterprise Server - BCI 16.0 (aarch64 ppc64le s390x x86_64) * postgresql13-pltcl-13.23-160000.1.1 * postgresql13-server-devel-13.23-160000.1.1 * postgresql13-13.23-160000.1.1 * postgresql13-devel-debuginfo-13.23-160000.1.1 * postgresql13-contrib-debuginfo-13.23-160000.1.1 * postgresql13-devel-13.23-160000.1.1 * postgresql13-plpython-13.23-160000.1.1 * postgresql13-server-13.23-160000.1.1 * postgresql13-server-debuginfo-13.23-160000.1.1 * postgresql13-server-devel-debuginfo-13.23-160000.1.1 * postgresql13-plpython-debuginfo-13.23-160000.1.1 * postgresql13-plperl-13.23-160000.1.1 * postgresql13-contrib-13.23-160000.1.1 * postgresql13-pltcl-debuginfo-13.23-160000.1.1 * postgresql13-debugsource-13.23-160000.1.1 * postgresql13-plperl-debuginfo-13.23-160000.1.1 * postgresql13-debuginfo-13.23-160000.1.1 * SUSE Linux Enterprise Server - BCI 16.0 (noarch) * postgresql13-docs-13.23-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-12817.html * https://www.suse.com/security/cve/CVE-2025-12818.html * https://bugzilla.suse.com/show_bug.cgi?id=1253332 * https://bugzilla.suse.com/show_bug.cgi?id=1253333 . Two important security issues in PostgreSQL13 for SUSE fixes allow for unexpected naming conflicts and overflow risks.. PostgreSQL13 Security. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Apr 09, 2026 Important SuSE
203

Mageia 9 python-django Important Permissions Issue Fix MGASA-2026-0050

MGASA-2026-0050 - Updated python-django packages fix security vulnerability. MGASA-2026-0050 - Updated python-django packages fix security vulnerability Publication date: 06 Mar 2026 URL: https://advisories.mageia.org/MGASA-2026-0050.html Type: security Affected Mageia releases: 9 CVE: CVE-2026-25674 Description: Potential incorrect permissions on newly created file system objects. (CVE-2026-25674) References: - https://bugs.mageia.org/show_bug.cgi?id=35176 - https://www.openwall.com/lists/oss-security/2026/03/03/3 - https://www.cve.org/CVERecord?id=CVE-2026-25674 SRPMS: - 9/core/python-django-4.1.13-1.11.mga9 . Updated python-django packages for Mageia address permissions issue in CVE-2026-25674. Critical patches are now available.. Mageia python-django security patch, CVE-2026-25674 fix, permissions vulnerability Mageia, important security advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Mar 06, 2026 Important Mageia
100

Resolving openSUSE python-Django Moderate Permission Issue CVE-2026-25674

An update that solves one vulnerability can now be installed.. # Security update for python-Django Announcement ID: SUSE-SU-2026:0821-1 Release Date: 2026-03-05T11:43:16Z Rating: moderate References: * bsc#1259142 Cross-References: * CVE-2026-25674 CVSS scores: * CVE-2026-25674 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-25674 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-25674 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 * SUSE Package Hub 15 15-SP7 An update that solves one vulnerability can now be installed. ## Description: This update for python-Django fixes the following issue: * CVE-2026-25674: race condition can lead to potential incorrect permissions on newly created file system objects (bsc#1259142). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-821=1 openSUSE-SLE-15.6-2026-821=1 * SUSE Package Hub 15 15-SP7 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-821=1 ## Package List: * openSUSE Leap 15.6 (noarch) * python311-Django-4.2.11-150600.3.50.1 * SUSE Package Hub 15 15-SP7 (noarch) * python311-Django-4.2.11-150600.3.50.1 ## References: * https://www.suse.com/security/cve/CVE-2026-25674.html * https://bugzilla.suse.com/show_bug.cgi?id=1259142 . Install the python-Django update for openSUSE to resolve permission issues tied to CVE-2026-25674 effectively.. python-Django update, openSUSE update, security patch, permission issue, CVE resolution. . LinuxSecurity.com Team

Calendar%202 Mar 05, 2026 SuSE
100

SUSE: Xen Moderate Permission Issue CVE-2025-58149 Advisory 2025:4490-1

An update that solves one vulnerability and has two security fixes can now be installed.. # Security update for xen Announcement ID: SUSE-SU-2025:4490-1 Release Date: 2025-12-19T11:17:13Z Rating: moderate References: * bsc#1027519 * bsc#1252692 * bsc#1254180 Cross-References: * CVE-2025-58149 CVSS scores: * CVE-2025-58149 ( SUSE ): 4.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2025-58149 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2025-58149 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability and has two security fixes can now be installed. ## Description: This update for xen fixes the following issues: Update to Xen 4.17.6. Security issues fixed: * CVE-2025-58149: incorrect removal of permissions on PCI device unplug allows PV guests to access memory of devices no longer assigned to them (bsc#1252692). Other issues fixed: * Several upstream bug fixes (bsc#1027519). * Failure to restart xenstored (bsc#1254180). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-4490=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-4490=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64 i586) * xen-tools-domU-debuginfo-4.17.6_02-150500.3.56.1 * xen-debugsource-4.17.6_02-150500.3.56.1 * xen-devel-4.17.6_02-150500.3.56.1 * xen-libs-debuginfo-4.17.6_02-150500.3.56.1 * xen-libs-4.17.6_02-150500.3.56.1 * xen-tools-domU-4.17.6_02-150500.3.56.1 * openSUSE Leap 15.5 (x86_64) *xen-libs-32bit-debuginfo-4.17.6_02-150500.3.56.1 * xen-libs-32bit-4.17.6_02-150500.3.56.1 * openSUSE Leap 15.5 (aarch64 x86_64) * xen-tools-4.17.6_02-150500.3.56.1 * xen-doc-html-4.17.6_02-150500.3.56.1 * xen-4.17.6_02-150500.3.56.1 * xen-tools-debuginfo-4.17.6_02-150500.3.56.1 * openSUSE Leap 15.5 (noarch) * xen-tools-xendomains-wait-disk-4.17.6_02-150500.3.56.1 * openSUSE Leap 15.5 (aarch64_ilp32) * xen-libs-64bit-debuginfo-4.17.6_02-150500.3.56.1 * xen-libs-64bit-4.17.6_02-150500.3.56.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * xen-libs-debuginfo-4.17.6_02-150500.3.56.1 * xen-debugsource-4.17.6_02-150500.3.56.1 * xen-libs-4.17.6_02-150500.3.56.1 ## References: * https://www.suse.com/security/cve/CVE-2025-58149.html * https://bugzilla.suse.com/show_bug.cgi?id=1027519 * https://bugzilla.suse.com/show_bug.cgi?id=1252692 * https://bugzilla.suse.com/show_bug.cgi?id=1254180 . Update resolves security issue in Xen application for SUSE users, addressing permission removal flaws.. SUSE Xen Security Update, Memory Access Control, Linux Application Fix. . LinuxSecurity.com Team

Calendar%202 Dec 19, 2025 SuSE
100

SUSE: Critical Security Update for Multi-Linux Manager 5.0.6 CVE-2025-62348

An update that solves two vulnerabilities, contains one feature and has six security fixes can now be installed.. # Security update 5.0.6 for Multi-Linux Manager Salt Bundle Announcement ID: SUSE-SU-2025:4474-1 Release Date: 2025-12-18T12:07:58Z Rating: important References: * bsc#1227207 * bsc#1245740 * bsc#1250520 * bsc#1251776 * bsc#1252244 * bsc#1252285 * bsc#1254256 * bsc#1254257 * jsc#MSQA-1034 Cross-References: * CVE-2025-62348 * CVE-2025-62349 CVSS scores: * CVE-2025-62348 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-62348 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-62349 ( SUSE ): 7.5 CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2025-62349 ( SUSE ): 6.2 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L Affected Products: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 An update that solves two vulnerabilities, contains one feature and has six security fixes can now be installed. ## Description: This update fixes the following issues: venv-salt-minion: * Security issues fixed: * CVE-2025-62349: Added minimum_auth_version to enforce security (bsc#1254257) * CVE-2025-62348: Fixed Junos module yaml loader (bsc#1254256) * Backport security fixes for vendored tornado * BDSA-2024-3438 * BDSA-2024-3439 * BDSA-2024-9026 * Other changes and bugs fixed: * Fixed TLS and x509 modules for OSes with older cryptography module * Fixed Salt for Python > 3.11 (bsc#1252285, bsc#1252244) * Use external tornado on Python > 3.11 * Make tls and x509 to use python-cryptography * Remove usage of spwd * Fixed payload signature verification on Tumbleweed (bsc#1251776) * Fixed broken symlink on migration to Leap 16.0 (bsc#1250755) * Fixed known_hosts error on gitfs (bsc#1250520, bsc#1227207) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSErecommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 zypper in -t patch SUSE-EL-9-CLIENT-TOOLS-2025-4474=1 ## Package List: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (aarch64 ppc64le s390x x86_64) * venv-salt-minion-3006.0-1.64.1 ## References: * https://www.suse.com/security/cve/CVE-2025-62348.html * https://www.suse.com/security/cve/CVE-2025-62349.html * https://bugzilla.suse.com/show_bug.cgi?id=1227207 * https://bugzilla.suse.com/show_bug.cgi?id=1245740 * https://bugzilla.suse.com/show_bug.cgi?id=1250520 * https://bugzilla.suse.com/show_bug.cgi?id=1251776 * https://bugzilla.suse.com/show_bug.cgi?id=1252244 * https://bugzilla.suse.com/show_bug.cgi?id=1252285 * https://bugzilla.suse.com/show_bug.cgi?id=1254256 * https://bugzilla.suse.com/show_bug.cgi?id=1254257 * https://jira.suse.com/login.jsp?permissionViolation=true&os_destination=https%3A%2F%2Fjira.suse.com%2Fbrowse%2FMSQA-1034 . Security update 5.0.6 for Multi-Linux Manager addressing vulnerabilities and providing vital fixes.. Salt Bundle Update, Multi-Linux Manager Security, SUSE Security Update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Dec 18, 2025 Important SuSE
202

openSUSE: Critical Permissions and Memory Leak Vulnerabilities 2025:4288-1

An update that solves two vulnerabilities can now be installed.. # Security update for containerd Announcement ID: SUSE-SU-2025:4288-1 Release Date: 2025-11-28T08:26:39Z Rating: important References: * bsc#1253126 * bsc#1253132 Cross-References: * CVE-2024-25621 * CVE-2025-64329 CVSS scores: * CVE-2024-25621 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-25621 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-25621 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-64329 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-64329 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-64329 ( NVD ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Basesystem Module 15-SP7 * Containers Module 15-SP6 * Containers Module 15-SP7 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux EnterpriseReal Time 15 SP7 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves two vulnerabilities can now be installed. ## Description: This update for containerd fixes the following issues: * Update to containerd v1.7.29 * CVE-2024-25621: Fixed an overly broad default permission vulnerability. (bsc#1253126) * CVE-2025-64329: Fixed a goroutine leaks which can lead to memory exhaustion on the host. (bsc#1253132) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4288=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4288=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-4288=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-4288=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-4288=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-4288=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-4288=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patchSUSE-SLE-Micro-5.3-2025-4288=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-4288=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-4288=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-4288=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-4288=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2025-4288=1 * Containers Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2025-4288=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4288=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4288=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4288=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4288=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4288=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4288=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4288=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4288=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4288=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * containerd-ctr-1.7.29-150000.128.1 * containerd-1.7.29-150000.128.1 * containerd-devel-1.7.29-150000.128.1 * SUSE Linux Enterprise Server forSAP Applications 15 SP5 (ppc64le x86_64) * containerd-ctr-1.7.29-150000.128.1 * containerd-1.7.29-150000.128.1 * containerd-devel-1.7.29-150000.128.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * containerd-ctr-1.7.29-150000.128.1 * containerd-1.7.29-150000.128.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * containerd-1.7.29-150000.128.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * containerd-1.7.29-150000.128.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * containerd-ctr-1.7.29-150000.128.1 * containerd-1.7.29-150000.128.1 * containerd-devel-1.7.29-150000.128.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * containerd-1.7.29-150000.128.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * containerd-1.7.29-150000.128.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * containerd-1.7.29-150000.128.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * containerd-1.7.29-150000.128.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * containerd-1.7.29-150000.128.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * containerd-1.7.29-150000.128.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * containerd-ctr-1.7.29-150000.128.1 * containerd-1.7.29-150000.128.1 * containerd-devel-1.7.29-150000.128.1 * Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64) * containerd-ctr-1.7.29-150000.128.1 * containerd-devel-1.7.29-150000.128.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * containerd-ctr-1.7.29-150000.128.1 * containerd-1.7.29-150000.128.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * containerd-ctr-1.7.29-150000.128.1 * containerd-1.7.29-150000.128.1 * containerd-devel-1.7.29-150000.128.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4(aarch64 x86_64) * containerd-ctr-1.7.29-150000.128.1 * containerd-1.7.29-150000.128.1 * containerd-devel-1.7.29-150000.128.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * containerd-ctr-1.7.29-150000.128.1 * containerd-1.7.29-150000.128.1 * containerd-devel-1.7.29-150000.128.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * containerd-ctr-1.7.29-150000.128.1 * containerd-1.7.29-150000.128.1 * containerd-devel-1.7.29-150000.128.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * containerd-ctr-1.7.29-150000.128.1 * containerd-1.7.29-150000.128.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * containerd-ctr-1.7.29-150000.128.1 * containerd-1.7.29-150000.128.1 * containerd-devel-1.7.29-150000.128.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * containerd-ctr-1.7.29-150000.128.1 * containerd-1.7.29-150000.128.1 * containerd-devel-1.7.29-150000.128.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * containerd-ctr-1.7.29-150000.128.1 * containerd-1.7.29-150000.128.1 ## References: * https://www.suse.com/security/cve/CVE-2024-25621.html * https://www.suse.com/security/cve/CVE-2025-64329.html * https://bugzilla.suse.com/show_bug.cgi?id=1253126 * https://bugzilla.suse.com/show_bug.cgi?id=1253132 . An update for openSUSE addresses important vulnerabilities in containerd related to permissions and memory leaks.. openSUSE update containerd vulnerabilities security patch. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Nov 28, 2025 Important OpenSUSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200