
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


RedHat: RHSA-2023-3622-01 Important: Jenkins Security Update

Red Hat Security Advisory

Synopsis: Important: jenkins and jenkins-2-plugins security update
Advisory ID: RHSA-2023:3622-01
Product: OpenShift Developer Tools and Services
Advisory URL: https://access.redhat.com/errata/RHSA-2023:3622
Issue date: 2023-06-15
CVE Names: CVE-2022-29599 CVE-2022-30953 CVE-2022-30954 CVE-2023-1370 CVE-2023-1436 CVE-2023-20860 CVE-2023-20861 CVE-2023-27903 CVE-2023-27904

1. Summary:

An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

OpenShift Developer Tools and Services for OCP 4.13 for RHEL 8 - noarch

3. Description:

Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cron.

Security Fix(es):

* maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)
* json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion) (CVE-2023-1370)
* springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern (CVE-2023-20860)
* Jenkins plugin: CSRF vulnerability in Blue Ocean Plugin (CVE-2022-30953)
* Jenkins plugin: missing permission checks in Blue Ocean Plugin (CVE-2022-30954)
* jettison: Uncontrolled Recursion in JSONArray (CVE-2023-1436)
* springframework: Spring Expression DoS Vulnerability (CVE-2023-20861)
* Jenkins: Temporary file parameter created with insecure permissions (CVE-2023-27903)
* Jenkins: Information disclosure through error stack traces related to agents (CVE-2023-27904)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2066479 - CVE-2022-29599 maven-shared-utils: Command injection via Commandline class
2119646 - CVE-2022-30953 Jenkins plugin: CSRF vulnerability in Blue Ocean Plugin
2119647 - CVE-2022-30954 Jenkins plugin: missing permission checks in Blue Ocean Plugin
2177632 - CVE-2023-27903 Jenkins: Temporary file parameter created with insecure permissions
2177634 - CVE-2023-27904 Jenkins: Information disclosure through error stack traces related to agents
2180528 - CVE-2023-20860 springframework: Security Bypass With Un-Prefixed Double Wildcard Pattern
2180530 - CVE-2023-20861 springframework: Spring Expression DoS Vulnerability
2182788 - CVE-2023-1436 jettison: Uncontrolled Recursion in JSONArray
2188542 - CVE-2023-1370 json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

6. Package List:

OpenShift Developer Tools and Services for OCP 4.13 for RHEL 8:

Source:
jenkins-2-plugins-4.13.1686680473-1.el8.src.rpm
jenkins-2.401.1.1686680404-3.el8.src.rpm

noarch:
jenkins-2-plugins-4.13.1686680473-1.el8.noarch.rpm
jenkins-2.401.1.1686680404-3.el8.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2022-29599
https://access.redhat.com/security/cve/CVE-2022-30953
https://access.redhat.com/security/cve/CVE-2022-30954
https://access.redhat.com/security/cve/CVE-2023-1370
https://access.redhat.com/security/cve/CVE-2023-1436
https://access.redhat.com/security/cve/CVE-2023-20860
https://access.redhat.com/security/cve/CVE-2023-20861
https://access.redhat.com/security/cve/CVE-2023-27903
https://access.redhat.com/security/cve/CVE-2023-27904
https://access.redhat.com/security/updates/classification#important
https://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html/jenkins/important-changes-to-openshift-jenkins-images

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2023 Red Hat, Inc.

Security update for Jenkins and its plugins on OpenShift 4.13 classified as High. Addresses several vulnerabilities.

Jenkins Security, OpenShift Updates, Jenkins Plugins, Security Fixes, Continuous Integration.

Severity: Important.

LinuxSecurity.com Team

Jun 15, 2023 | Important | Red Hat

Debian 9 Stretch DLA-2956-1 Moderate: WordPress XSS and Pollution Issues

Debian LTS Advisory DLA-2956-1
https://www.debian.org/lts/security/
Utkarsh Gupta
March 20, 2022
https://wiki.debian.org/LTS

Package : wordpress
Version : 4.7.23+dfsg-0+deb9u1
Debian Bug : 1007145

Several vulnerabilities like Prototype Pollution Vulnerability in a jQuery dependency and in the block editor, and Stored Cross Site Scripting Vulnerability were discovered in WordPress, a web blogging tool.

For Debian 9 stretch, this problem has been fixed in version 4.7.23+dfsg-0+deb9u1.

We recommend that you upgrade your wordpress packages.

For the detailed security status of wordpress please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/wordpress

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Debian LTS announced DLA-2956-1 Security Patch for WordPress, resolving several vulnerabilities such as XSS concerns.

WordPress, Security Fix, Debian Update, Web App Security.

LinuxSecurity.com Team

Mar 20, 2022 | Debian LTS