Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian LTS openssl Important Use-After-Free NULL Pointer Issues DLA-4624-1

Calendar White Jun 09, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 alsa-lib Important Denial of Service Fix USN-8044-2

Calendar White Jun 09, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS node-shell-quote Important Denial of Service CVE-2026-9277

Calendar White Jun 09, 2026
Important
Mageia Large Esm H800
Mageia

Mageia 9 Suricata Critical Performance Security Issues MGASA-2026-0181

Calendar White Jun 09, 2026
Critical
Mageia Large Esm H900
Mageia

Mageia 9 PackageKit Important TOCTOU Race Escalation CVE-2026-41651

Calendar White Jun 09, 2026
Important
Mageia Large Esm H900
Mageia

Mageia 9 Unbound Critical Remote Code Execution Advisory 2026-0034

Calendar White Jun 09, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 26.04 LTS Netatalk Multiple Security Issues USN-8395-1

Calendar White Jun 09, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 43 mingw-objfw 1.5.5 Update Security Fix FEDORA-2026-de23fedf3e

Calendar White Jun 08, 2026
Fedora Large Esm H900
Fedora

Fedora 43 objfw Important Update 1.5.5 Bug Fixes June 2026

Calendar White Jun 08, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoracritical fix

Fedora 33: 2021-f3ad34aa9f Critical: User Enumeration Security Fix

**Version 3.4.49** (2021-05-19) * security **CVE-2021-21424** [Security\Core] Fix user enumeration via response body on invalid credentials (chalasr) ---- **Version 3.4.48** (2021-05-12) * security **CVE-2021-21424** [Security][Guard] Prevent user enumeration (chalasr). --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-f3ad34aa9f 2021-05-28 01:10:41.955472 --------------------------------------------------------------------------------Name : php-symfony3 Product : Fedora 33 Version : 3.4.49 Release : 1.fc33 URL : https://symfony.com Summary : Symfony PHP framework (version 3) Description : Symfony PHP framework (version 3). NOTE: Does not require PHPUnit bridge. --------------------------------------------------------------------------------Update Information: **Version 3.4.49** (2021-05-19) * security **CVE-2021-21424** [Security\Core] Fix user enumeration via response body on invalid credentials (chalasr) ----**Version 3.4.48** (2021-05-12) * security **CVE-2021-21424** [Security][Guard] Prevent user enumeration (chalasr) --------------------------------------------------------------------------------ChangeLog: * Wed May 19 2021 Remi Collet - 3.4.49-1 - update to 3.4.49 * Mon May 17 2021 Remi Collet - 3.4.48-1 - update to 3.4.48 * Wed Jan 27 2021 Fedora Release Engineering - 3.4.47-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild --------------------------------------------------------------------------------References: [ 1 ] Bug #1960631 - CVE-2021-21424 php-symfony: user enumeration in authentication mechanisms [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1960631 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-f3ad34aa9f' at the command line. For more information, refer to thednf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Essential Fedora patch for php-symfony3 blocks user enumeration vulnerabilities with crucial security fixes.. Fedora Update,PHP Symfony3,User Enumeration Prevention,Symfony Security Fix. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 May 27, 2021 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorycriticalFedora

Fedora: FEDORA-2018-7f43cbdb69 Critical: PHP Symfony4 HTTP Header Issue

## 4.0.14 (2018-08-01) * security #cve-2018-14774 [HttpKernel] fix trusted headers management in HttpCache and InlineFragmentRenderer (nicolas-grekas) * security #cve-2018-14773 [HttpFoundation] Remove support for legacy and risky HTTP headers (nicolas-grekas) * bug #28003 [HttpKernel] Fixes invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-7f43cbdb69 2018-08-14 20:15:54.627605 --------------------------------------------------------------------------------Name : php-symfony4 Product : Fedora 27 Version : 4.0.14 Release : 1.fc27 URL : https://symfony.com/ Summary : Symfony PHP framework (version 4) Description : Symfony PHP framework (version 4). NOTE: Does not require PHPUnit bridge. --------------------------------------------------------------------------------Update Information: ## 4.0.14 (2018-08-01) * security #cve-2018-14774 [HttpKernel] fix trusted headers management in HttpCache and InlineFragmentRenderer (nicolas-grekas) * security #cve-2018-14773 [HttpFoundation] Remove support for legacy and risky HTTP headers (nicolas-grekas) * bug #28003 [HttpKernel] Fixes invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet (netiul) * bug #28007 [FrameworkBundle] fixed guard event names for transitions (destillat) * bug #28045 [HttpFoundation] Fix Cookie::isCleared (ro0NL) * bug #28080 [HttpFoundation] fixed using _method parameter with invalid type (Phobetor) * bug #28052 [HttpKernel] Fix merging bindings for controllers' locators (nicolas-grekas) ## 4.0.13 (2018-07-23) * bug #28005 [HttpKernel] Fixed templateExists on parse error of the template name (yceruto) * bug #27997 Serbo-Croatian has Serbian plural rule (kylekatarnls) * bug #26193 Fix false-positive deprecation notices for TranslationLoader and WriteCheckSessionHandler (iquito) * bug #27941[WebProfilerBundle] Fixed icon alignment issue using Bootstrap 4.1.2 (jmsche) * bug #27937 [HttpFoundation] reset callback on StreamedResponse when setNotModified() is called (rubencm) * bug #27927 [HttpFoundation] Suppress side effects in 'get' and 'has' methods of NamespacedAttributeBag (webnet-fr) * bug #27923 [Form/Profiler] Massively reducing memory footprint of form profiling pages... (VincentChalnot) * bug #27918 [Console] correctly return parameter's default value on "--" (seschwar) * bug #27904 [Filesystem] fix lock file permissions (fritzmg) * bug #27903 [Lock] fix lock file permissions (fritzmg) * bug #27889 [Form] Replace .initialism with .text-uppercase. (vudaltsov) * bug #27902 Fix the detection of the Process new argument (stof) * bug #27885 [HttpFoundation] don't encode cookie name for BC (nicolas-grekas) * bug #27782 [DI] Fix dumping ignore-on-uninitialized references to synthetic services (nicolas-grekas) * bug #27435 [OptionResolver] resolve arrays (Doctrs) * bug #27728 [TwigBridge] Fix missing path and separators in loader paths list on debug:twig output (yceruto) * bug #27837 [PropertyInfo] Fix dock block lookup fallback loop (DerManoMann) * bug #27758 [WebProfilerBundle] Prevent toolbar links color override by css (alcalyn) * bug #27847 [Security] Fix accepting null as $uidKey in LdapUserProvider (louhde) * bug #27834 [DI] Don't show internal service id on binding errors (nicolas-grekas) * bug #27831 Check for Hyper terminal on all operating systems. (azjezz) * bug #27794 Add color support for Hyper terminal . (azjezz) * bug #27809 [HttpFoundation] Fix tests: new message for status 425 (dunglas) * bug #27618 [PropertyInfo] added handling of nullable types in PhpDoc (oxan) * bug #27659 [HttpKernel] Make AbstractTestSessionListener compatible with CookieClearingLogoutHandler (thewilkybarkid) * bug #27752 [Cache] provider does not respect option maxIdLength with versioning enabled (Constantine Shtompel) * bug #27776 [ProxyManagerBridge] Fixsupport of private services (bis) (nicolas-grekas) * bug #27714 [HttpFoundation] fix session tracking counter (nicolas-grekas, dmaicher) * bug #27747 [HttpFoundation] fix registration of session proxies (nicolas-grekas) * bug #27722 Redesign the Debug error page in prod (javiereguiluz) * bug #27716 [DI] fix dumping deprecated service in yaml (nicolas-grekas) ## 4.0.12 (2018-06-25) * bug #27626 [TwigBundle][DX] Only add the Twig WebLinkExtension if the WebLink component is enabled (thewilkybarkid) * bug #27701 [SecurityBundle] Dont throw if "security.http_utils" is not found (nicolas-grekas) * bug #27690 [DI] Resolve env placeholder in logs (ro0NL) * bug #26534 allow_extra_attributes does not throw an exception as documented (deviantintegral) * bug #27668 [Lock] use 'r+' for fopen (fixes issue on Solaris) (fritzmg) * bug #27669 [Filesystem] fix file lock on SunOS (fritzmg) * bug #27662 [HttpKernel] fix handling of nested Error instances (xabbuh) * bug #26845 [Config] Fixing GlobResource when inside phar archive (vworldat) * bug #27382 [Form] Fix error when rendering a DateIntervalType form with exactly 0 weeks (krixon) * bug #27309 Fix surrogate not using original request (Toflar) * bug #27467 [HttpKernel] fix session tracking in surrogate master requests (nicolas-grekas) * bug #27630 [Validator][Form] Remove BOM in some xlf files (gautierderuette) * bug #27596 [Framework][Workflow] Added support for interfaces (vudaltsov) * bug #27593 [ProxyManagerBridge] Fixed support of private services (nicolas-grekas) * bug #27591 [VarDumper] Fix dumping ArrayObject and ArrayIterator instances (nicolas-grekas) * bug #27581 Fix bad method call with guard authentication + session migration (weaverryan) * bug #27576 [Cache] Fix expiry comparisons in array-based pools (nicolas-grekas) * bug #27556 Avoiding session migration for stateless firewall UsernamePasswordJsonAuthenticationListener (weaverryan) * bug #27452 Avoid migration on stateless firewalls (weaverryan) * bug#27568 [DI] Deduplicate generated proxy classes (nicolas-grekas) * bug #27326 [Serializer] deserialize from xml: Fix a collection that contains the only one element (webnet-fr) * bug #27567 [PhpUnitBridge] Fix error on some Windows OS (Nsbx) * bug #27357 [Lock] Remove released semaphore (jderusse) * bug #27416 TagAwareAdapter over non-binary memcached connections corrupts memcache (Aleksey Prilipko) * bug #27514 [Debug] Pass previous exception to FatalErrorException (pmontoya) * bug #27516 Revert "bug #26138 [HttpKernel] Catch HttpExceptions when templating is not installed (cilefen)" (nicolas-grekas) * bug #27318 [Cache] memcache connect should not add duplicate entries on sequential calls (Aleksey Prilipko) * bug #27389 [Serializer] Fix serializer tries to denormalize null values on nullable properties (ogizanagi) * bug #27272 [FrameworkBundle] Change priority of AddConsoleCommandPass to TYPE_BEFORE_REMOVING (upyx) * bug #27396 [HttpKernel] fix registering IDE links (nicolas-grekas) * bug #26973 [HttpKernel] Set first trusted proxy as REMOTE_ADDR in InlineFragmentRenderer. (kmadejski) * bug #27303 [Process] Consider "executable" suffixes first on Windows (sanmai) * bug #27297 Triggering RememberMe's loginFail() when token cannot be created (weaverryan) * bug #27344 [HttpKernel] reset kernel start time on reboot (kiler129) * bug #27365 [Serializer] Check the value of enable_max_depth if defined (dunglas) * bug #27358 [PhpUnitBridge] silence some stderr outputs (ostrolucky) * bug #27366 [DI] never inline lazy services (nicolas-grekas) --------------------------------------------------------------------------------References: [ 1 ] Bug #1611906 - CVE-2018-14773 php-symfony: Legacy HTTP headers allow users to modify URLs and bypass restrictions https://bugzilla.redhat.com/show_bug.cgi?id=1611906 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade--advisory FEDORA-2018-7f43cbdb69' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./message/C6UOUQE6POHW24KKQSB372IGD7OLBN63/ . The recent Fedora update for php-symfony4 addresses significant security vulnerabilities and enhances the handling of HTTP headers to bolster protection.. Fedora Security Update, HTTP Header Management, Security Patches, php-symfony4 Fixes. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Aug 14, 2018 Critical Fedora
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here