
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Ubuntu 16.04 LTS USN-4702-1 Critical: Pound Information Disclosure

=========================================================================
Ubuntu Security Notice USN-4702-1
January 25, 2021

pound vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in pound.

Software Description:
- pound: reverse proxy, load balancer and HTTPS front-end for Web servers

Details:

It was discovered that Pound incorrectly handled certain HTTP requests. A remote attacker could use it to retrieve some sensitive information. (CVE-2016-10711, CVE-2018-21245)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 LTS:
  pound 2.6-6.1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-4702-1
  CVE-2016-10711, CVE-2018-21245

Package Information:
  https://launchpad.net/ubuntu/+source/pound/2.6-6.1ubuntu0.1

Severity: Critical
LinuxSecurity.com Team

Jan 25, 2021 | Critical | Ubuntu

Debian 8: DLA-2196-2 Moderate: Pound CPU Regression Update

Package : pound
Version : 2.6-6+deb8u3
CVE ID  : CVE-2016-10711

A regression has been found in the patch for CVE-2016-10711 of pound, a reverse proxy, load balancer and HTTPS front-end for Web servers. Without the fix pound can be tricked to use 100% CPU.

For Debian 8 "Jessie", this problem has been fixed in version 2.6-6+deb8u3.

We recommend that you upgrade your pound packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

LinuxSecurity.com Team

May 03, 2020 | Debian LTS

Debian 8: DLA-2196-1 Moderate: Pound Request Smuggling Threat

Package : pound
Version : 2.6-6+deb8u2
CVE ID  : CVE-2016-10711

An issue has been found in pound. A request smuggling vulnerability was discovered in pound, a reverse proxy, load balancer and HTTPS front-end for Web servers, that may allow attackers to send a specially crafted HTTP request to a web server or reverse proxy while pound may see a different set of requests. This facilitates several possible exploitations, such as partial cache poisoning, bypassing firewall protection and XSS.

For Debian 8 "Jessie", this problem has been fixed in version 2.6-6+deb8u2.

We recommend that you upgrade your pound packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

LinuxSecurity.com Team

Apr 30, 2020 | Debian LTS

Debian: DSA 934-1 Critical: Remote Code Execution in Pound

--------------------------------------------------------------------------
Debian Security Advisory DSA 934-1
http://www.debian.org/security/                         Moritz Muehlenhoff
January 9, 2006                         http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package        : pound
Vulnerability  : several
Problem-Type   : remote
Debian-specific: no
CVE ID         : CVE-2005-1391 CVE-2005-3751
Debian Bug     : 307852

Two vulnerabilities have been discovered in Pound, a reverse proxy and load balancer for HTTP. The Common Vulnerabilities and Exposures project identifies the following problems:

* CVE-2005-1391: Overly long HTTP Host: headers may trigger a buffer overflow in the add_port() function, which may lead to the execution of arbitrary code.

* CVE-2005-3751: HTTP requests with conflicting Content-Length and Transfer-Encoding headers could lead to HTTP Request Smuggling Attack, which can be exploited to bypass packet filters or poison web caches.

The old stable distribution (woody) does not contain pound packages.

For the stable distribution (sarge) these problems have been fixed in version 1.8.2-1sarge1

For the unstable distribution (sid) these problems have been fixed in version 1.9.4-1

We recommend that you upgrade your pound package.

Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge
--------------------------------

These files will probably be moved into the stable distribution on its next update.

---------------------------------------------------------------------------------
For apt-get: deb https://www.debian.org/security/ stable/updates main
For dpkg-ftp: dists/stable/updates/main

Severity: Critical
LinuxSecurity.com Team

Jan 27, 2006 | Critical | Debian

Gentoo: GLSA 200504-29 High: Pound Buffer Overflow Risk of Remote Execution

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200504-29
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: High
     Title: Pound: Buffer overflow vulnerability
      Date: April 30, 2005
      Bugs: #90851
        ID: 200504-29

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Pound is vulnerable to a buffer overflow that could lead to the remote execution of arbitrary code.

Background
==========

Pound is a reverse proxy, load balancer and HTTPS front-end.

Affected packages
=================

    -------------------------------------------------------------------
     Package             /  Vulnerable  /                   Unaffected
    -------------------------------------------------------------------
  1  www-servers/pound       < 1.8.3                          >= 1.8.3

Description
===========

Steven Van Acker has discovered a buffer overflow vulnerability in the "add_port()" function in Pound.

Impact
======

A remote attacker could send a request for an overly long hostname parameter, which could lead to the remote execution of arbitrary code with the rights of the Pound daemon process (by default, Gentoo uses the "nobody" user to run the Pound daemon).

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Pound users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-servers/pound-1.8.3"

References
==========

  [ 1 ] Original announcement
        https://david-maucher.ch/pound/

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  https://security.gentoo.org/glsa/200504-29

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to [e-mail address protected] or alternatively, you may file a bug at https://bugs.gentoo.org/.

License
=======

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.0/

LinuxSecurity.com Team

Apr 30, 2005 | Gentoo