Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 584
Alerts This Week
Warning Icon 1 584

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 3,451 articles for you...
89

Fedora 43 ansible-collection-ansible-posix Critical Fix for CVE-2026-11837

Update to 2.2.1. Fixes rhbz#2479556. Mitigates CVE-2026-11837 (rhbz#2487430, rhbz#2487431, rhbz#2487432). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-50e5126be4 2026-07-17 01:08:58.262226+00:00 -------------------------------------------------------------------------------- Name : ansible-collection-ansible-posix Product : Fedora 43 Version : 2.2.1 Release : 1.fc43 URL : https://galaxy.ansible.com/ui/repo/published/ansible/posix Summary : Ansible Collection targeting POSIX and POSIX-ish platforms Description : Ansible Collection targeting POSIX and POSIX-ish platforms. -------------------------------------------------------------------------------- Update Information: Update to 2.2.1. Fixes rhbz#2479556. Mitigates CVE-2026-11837 (rhbz#2487430, rhbz#2487431, rhbz#2487432) -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 8 2026 Maxwell G - 2.2.1-1 - Update to 2.2.1. Fixes rhbz#2479556. - Mitigates CVE-2026-11837 (rhbz#2487430, rhbz#2487431, rhbz#2487432) * Fri Jan 16 2026 Fedora Release Engineering - 2.1.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild * Fri Jan 16 2026 Fedora Release Engineering - 2.1.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_44_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #2479556 - ansible-collection-ansible-posix-2.2.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2479556 [ 2 ] Bug #2487430 - CVE-2026-11837 ansible-collection-ansible-posix: ansible.posix authorized_key: local privilege escalation via symlink-following chown [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2487430 [ 3 ] Bug #2487431 - CVE-2026-11837 ansible-collection-ansible-posix: ansible.posix authorized_key: local privilege escalation via symlink-following chown[fedora-44] https://bugzilla.redhat.com/show_bug.cgi?id=2487431 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-50e5126be4' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . This alerts about critical update in Fedora 43 for ansible-collection-ansible-posix, addressing privilege escalation risks effectively.. Ansible Collection, Fedora Security, Privilege Escalation, Software Update, Linux Package Management. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 16, 2026 Critical Fedora
202

openSUSE 2026-3025-1 sssd Important Privilege Escalation Issues

An update that solves two vulnerabilities can now be installed.. # Security update for sssd Announcement ID: SUSE-SU-2026:3025-1 Release Date: 2026-07-15T09:49:27Z Rating: important References: * bsc#1270708 * bsc#1270709 Cross-References: * CVE-2026-14474 * CVE-2026-14476 CVSS scores: * CVE-2026-14474 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-14474 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2026-14476 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2026-14476 ( NVD ): 8.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for sssd fixes the following issues * CVE-2026-14474: sudo LDAP provider searches entire directory tree for sudoRole objects by default, enabling privilege escalation (bsc#1270709). * CVE-2026-14476: GPO cache path traversal via unsanitized gPCFileSysPath allows Kerberos authentication bypass (bsc#1270708). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-3025=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-3025=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-3025=1 ## Package List: * openSUSE Leap 15.6 (aarch64 i586 ppc64le s390x x86_64) * sssd-dbus-2.10.2-150600.3.53.1 * libsss_simpleifp0-debuginfo-2.10.2-150600.3.53.1 * sssd-ipa-debuginfo-2.10.2-150600.3.53.1 * sssd-tools-debuginfo-2.10.2-150600.3.53.1 *python3-sss_nss_idmap-2.10.2-150600.3.53.1 * sssd-krb5-2.10.2-150600.3.53.1 * libsss_certmap0-debuginfo-2.10.2-150600.3.53.1 * libsss_simpleifp-devel-2.10.2-150600.3.53.1 * libnfsidmap-sss-debuginfo-2.10.2-150600.3.53.1 * python3-sss_nss_idmap-debuginfo-2.10.2-150600.3.53.1 * python3-sssd-config-2.10.2-150600.3.53.1 * sssd-krb5-common-debuginfo-2.10.2-150600.3.53.1 * python3-sssd-config-debuginfo-2.10.2-150600.3.53.1 * sssd-debugsource-2.10.2-150600.3.53.1 * sssd-proxy-2.10.2-150600.3.53.1 * sssd-ad-2.10.2-150600.3.53.1 * python3-ipa_hbac-debuginfo-2.10.2-150600.3.53.1 * sssd-ldap-debuginfo-2.10.2-150600.3.53.1 * libsss_idmap0-2.10.2-150600.3.53.1 * python3-ipa_hbac-2.10.2-150600.3.53.1 * libsss_nss_idmap0-2.10.2-150600.3.53.1 * sssd-ad-debuginfo-2.10.2-150600.3.53.1 * sssd-winbind-idmap-debuginfo-2.10.2-150600.3.53.1 * sssd-krb5-debuginfo-2.10.2-150600.3.53.1 * libipa_hbac0-debuginfo-2.10.2-150600.3.53.1 * libsss_nss_idmap0-debuginfo-2.10.2-150600.3.53.1 * libsss_nss_idmap-devel-2.10.2-150600.3.53.1 * sssd-winbind-idmap-2.10.2-150600.3.53.1 * sssd-proxy-debuginfo-2.10.2-150600.3.53.1 * sssd-tools-2.10.2-150600.3.53.1 * sssd-2.10.2-150600.3.53.1 * libsss_idmap0-debuginfo-2.10.2-150600.3.53.1 * sssd-debuginfo-2.10.2-150600.3.53.1 * libnfsidmap-sss-2.10.2-150600.3.53.1 * sssd-ldap-2.10.2-150600.3.53.1 * sssd-kcm-debuginfo-2.10.2-150600.3.53.1 * sssd-kcm-2.10.2-150600.3.53.1 * libsss_simpleifp0-2.10.2-150600.3.53.1 * sssd-krb5-common-2.10.2-150600.3.53.1 * libipa_hbac0-2.10.2-150600.3.53.1 * python3-sss-murmur-debuginfo-2.10.2-150600.3.53.1 * libsss_certmap0-2.10.2-150600.3.53.1 * libsss_certmap-devel-2.10.2-150600.3.53.1 * sssd-dbus-debuginfo-2.10.2-150600.3.53.1 * sssd-ipa-2.10.2-150600.3.53.1 * python3-sss-murmur-2.10.2-150600.3.53.1 * libipa_hbac-devel-2.10.2-150600.3.53.1 * libsss_idmap-devel-2.10.2-150600.3.53.1 * openSUSE Leap 15.6(x86_64) * sssd-32bit-2.10.2-150600.3.53.1 * sssd-32bit-debuginfo-2.10.2-150600.3.53.1 * openSUSE Leap 15.6 (aarch64_ilp32) * sssd-64bit-2.10.2-150600.3.53.1 * sssd-64bit-debuginfo-2.10.2-150600.3.53.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * sssd-dbus-2.10.2-150600.3.53.1 * libsss_certmap0-debuginfo-2.10.2-150600.3.53.1 * sssd-ipa-debuginfo-2.10.2-150600.3.53.1 * sssd-tools-debuginfo-2.10.2-150600.3.53.1 * libsss_simpleifp0-debuginfo-2.10.2-150600.3.53.1 * sssd-krb5-2.10.2-150600.3.53.1 * libsss_simpleifp-devel-2.10.2-150600.3.53.1 * python3-sssd-config-2.10.2-150600.3.53.1 * sssd-krb5-common-debuginfo-2.10.2-150600.3.53.1 * python3-sssd-config-debuginfo-2.10.2-150600.3.53.1 * sssd-debugsource-2.10.2-150600.3.53.1 * sssd-proxy-2.10.2-150600.3.53.1 * sssd-ad-2.10.2-150600.3.53.1 * sssd-ldap-debuginfo-2.10.2-150600.3.53.1 * libsss_idmap0-2.10.2-150600.3.53.1 * libsss_nss_idmap0-2.10.2-150600.3.53.1 * sssd-ad-debuginfo-2.10.2-150600.3.53.1 * sssd-winbind-idmap-debuginfo-2.10.2-150600.3.53.1 * sssd-krb5-debuginfo-2.10.2-150600.3.53.1 * libipa_hbac0-debuginfo-2.10.2-150600.3.53.1 * libsss_nss_idmap0-debuginfo-2.10.2-150600.3.53.1 * libsss_nss_idmap-devel-2.10.2-150600.3.53.1 * sssd-winbind-idmap-2.10.2-150600.3.53.1 * sssd-proxy-debuginfo-2.10.2-150600.3.53.1 * sssd-tools-2.10.2-150600.3.53.1 * sssd-2.10.2-150600.3.53.1 * libsss_idmap0-debuginfo-2.10.2-150600.3.53.1 * sssd-debuginfo-2.10.2-150600.3.53.1 * sssd-kcm-debuginfo-2.10.2-150600.3.53.1 * sssd-ldap-2.10.2-150600.3.53.1 * libipa_hbac0-2.10.2-150600.3.53.1 * libsss_simpleifp0-2.10.2-150600.3.53.1 * sssd-kcm-2.10.2-150600.3.53.1 * sssd-krb5-common-2.10.2-150600.3.53.1 * libsss_certmap0-2.10.2-150600.3.53.1 * libsss_certmap-devel-2.10.2-150600.3.53.1 * sssd-dbus-debuginfo-2.10.2-150600.3.53.1 * sssd-ipa-2.10.2-150600.3.53.1 *libipa_hbac-devel-2.10.2-150600.3.53.1 * libsss_idmap-devel-2.10.2-150600.3.53.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64) * sssd-32bit-2.10.2-150600.3.53.1 * sssd-32bit-debuginfo-2.10.2-150600.3.53.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * sssd-dbus-2.10.2-150600.3.53.1 * libsss_certmap0-debuginfo-2.10.2-150600.3.53.1 * sssd-ipa-debuginfo-2.10.2-150600.3.53.1 * sssd-tools-debuginfo-2.10.2-150600.3.53.1 * libsss_simpleifp0-debuginfo-2.10.2-150600.3.53.1 * sssd-krb5-2.10.2-150600.3.53.1 * libsss_simpleifp-devel-2.10.2-150600.3.53.1 * python3-sssd-config-2.10.2-150600.3.53.1 * sssd-krb5-common-debuginfo-2.10.2-150600.3.53.1 * python3-sssd-config-debuginfo-2.10.2-150600.3.53.1 * sssd-debugsource-2.10.2-150600.3.53.1 * sssd-proxy-2.10.2-150600.3.53.1 * sssd-ad-2.10.2-150600.3.53.1 * sssd-ldap-debuginfo-2.10.2-150600.3.53.1 * libsss_idmap0-2.10.2-150600.3.53.1 * libsss_nss_idmap0-2.10.2-150600.3.53.1 * sssd-ad-debuginfo-2.10.2-150600.3.53.1 * sssd-winbind-idmap-debuginfo-2.10.2-150600.3.53.1 * sssd-krb5-debuginfo-2.10.2-150600.3.53.1 * libipa_hbac0-debuginfo-2.10.2-150600.3.53.1 * libsss_nss_idmap0-debuginfo-2.10.2-150600.3.53.1 * libsss_nss_idmap-devel-2.10.2-150600.3.53.1 * sssd-winbind-idmap-2.10.2-150600.3.53.1 * sssd-proxy-debuginfo-2.10.2-150600.3.53.1 * sssd-tools-2.10.2-150600.3.53.1 * sssd-2.10.2-150600.3.53.1 * libsss_idmap0-debuginfo-2.10.2-150600.3.53.1 * sssd-krb5-common-2.10.2-150600.3.53.1 * sssd-kcm-debuginfo-2.10.2-150600.3.53.1 * sssd-ldap-2.10.2-150600.3.53.1 * libipa_hbac0-2.10.2-150600.3.53.1 * sssd-debuginfo-2.10.2-150600.3.53.1 * sssd-kcm-2.10.2-150600.3.53.1 * libsss_simpleifp0-2.10.2-150600.3.53.1 * libsss_certmap0-2.10.2-150600.3.53.1 * libsss_certmap-devel-2.10.2-150600.3.53.1 * sssd-dbus-debuginfo-2.10.2-150600.3.53.1 * sssd-ipa-2.10.2-150600.3.53.1 *libipa_hbac-devel-2.10.2-150600.3.53.1 * libsss_idmap-devel-2.10.2-150600.3.53.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64) * sssd-32bit-2.10.2-150600.3.53.1 * sssd-32bit-debuginfo-2.10.2-150600.3.53.1 ## References: * https://www.suse.com/security/cve/CVE-2026-14474.html * https://www.suse.com/security/cve/CVE-2026-14476.html * https://bugzilla.suse.com/show_bug.cgi?id=1270708 * https://bugzilla.suse.com/show_bug.cgi?id=1270709 . Two important vulnerabilities in sssd resolved by the latest openSUSE update are crucial for maintaining system security.. openSUSE updates, sssd vulnerabilities, security patches. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 15, 2026 Important OpenSUSE
87

Debian DSA-6389-1 NTFS-3G Critical Local Root Escalation

Several vulnerabilities were discovered in NTFS-3G, a read-write NTFS driver for FUSE. A local user can take advantage of these flaws for local root privilege escalation. For the stable distribution (trixie), these problems have been fixed in version 1:2022.10.3-5+deb13u2.. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6389-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Salvatore Bonaccorso July 15, 2026 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ntfs-3g CVE ID : CVE-2026-42616 CVE-2026-42617 CVE-2026-42618 CVE-2026-46569 CVE-2026-46570 CVE-2026-46571 CVE-2026-46572 CVE-2026-56135 CVE-2026-56136 Debian Bug : 1142144 Several vulnerabilities were discovered in NTFS-3G, a read-write NTFS driver for FUSE. A local user can take advantage of these flaws for local root privilege escalation. For the stable distribution (trixie), these problems have been fixed in version 1:2022.10.3-5+deb13u2. We recommend that you upgrade your ntfs-3g packages. For the detailed security status of ntfs-3g please refer to its security tracker page at: https://security-tracker.debian.org/tracker/ntfs-3g Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Local users can exploit several NTFS-3G flaws for privilege escalation. Update needed to fix vulnerabilities in Debian.. NTFS-3G Privilege Escalation Debian Update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 15, 2026 Important Debian
219

Rocky Linux 10 Yggdrasil Important Security Update RLSA-2026-39573

Important: yggdrasil security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:39573", "synopsis": "Important: yggdrasil security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for yggdrasil.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "yggdrasil is a system daemon that subscribes to topics on an MQTT broker and routes any data received on the topics to an appropriate child \"worker\" process, exchanging data with its worker processes through a D-Bus message broker.\n\nSecurity Fix(es):\n\n* net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME (CVE-2026-33811)\n\n* golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing (CVE-2026-39821)\n\n* crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries (CVE-2026-27145)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2484207", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2484207", "description": ""}, {"ticket": "2480756", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2480756", "description": ""}, {"ticket": "2467822", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2467822", "description": ""}], "cves": [{"name": "CVE-2026-27145", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27145", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-606"}, {"name": "CVE-2026-33811", "sourceBy": "MITRE","sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33811", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-1341"}, {"name": "CVE-2026-39821", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39821", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N", "cvss3BaseScore": "8.2", "cwe": "CWE-1289"}], "references": [], "publishedAt": "2026-07-15T12:06:01.640959Z", "rpms": {"Rocky Linux 10": {"nvras": ["yggdrasil-0:0.4.9.2-1.el10_2.ppc64le.rpm", "yggdrasil-0:0.4.9.2-1.el10_2.x86_64.rpm", "yggdrasil-debugsource-0:0.4.9.2-1.el10_2.x86_64.rpm", "yggdrasil-0:0.4.9.2-1.el10_2.s390x.rpm", "yggdrasil-debugsource-0:0.4.9.2-1.el10_2.aarch64.rpm", "yggdrasil-devel-0:0.4.9.2-1.el10_2.ppc64le.rpm", "yggdrasil-debuginfo-0:0.4.9.2-1.el10_2.aarch64.rpm", "yggdrasil-devel-0:0.4.9.2-1.el10_2.s390x.rpm", "yggdrasil-devel-0:0.4.9.2-1.el10_2.aarch64.rpm", "yggdrasil-debuginfo-0:0.4.9.2-1.el10_2.ppc64le.rpm", "yggdrasil-debuginfo-0:0.4.9.2-1.el10_2.s390x.rpm", "yggdrasil-debuginfo-0:0.4.9.2-1.el10_2.x86_64.rpm", "yggdrasil-0:0.4.9.2-1.el10_2.src.rpm", "yggdrasil-devel-0:0.4.9.2-1.el10_2.x86_64.rpm", "yggdrasil-debugsource-0:0.4.9.2-1.el10_2.s390x.rpm", "yggdrasil-debugsource-0:0.4.9.2-1.el10_2.ppc64le.rpm", "yggdrasil-0:0.4.9.2-1.el10_2.aarch64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. A critical yggdrasil security update for Rocky Linux 10 addressing multiple issues with denial of service and privilege escalation vulnerabilities.. Rocky Linux, Yggdrasil, security update, denial of service, privilege escalation. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 15, 2026 Important Rocky Linux
219

Rocky Linux 8 Go Toolset Important Security Advisories RLSA-2026-38995

Important: go-toolset:rhel8 security, bug fix, and enhancement update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:38995", "synopsis": "Important: go-toolset:rhel8 security, bug fix, and enhancement update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for delve, module.delve, module.golang, golang.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. \n\nSecurity Fix(es):\n\n* golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing (CVE-2026-39821)\n\n* crypto/x509: golang: golang crypto/x509: Denial of Service via excessive processing of DNS SAN entries (CVE-2026-27145)\n\n* os: golang: Go os.Root: Symlink following vulnerability allows directory traversal (CVE-2026-39822)\n\nBug Fix(es) and Enhancement(s):\n\n* Update Go to version 1.26.5+1 [rhel-8.10.z] (JIRA:Rocky Linux-193478)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2480756", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2480756", "description": ""}, {"ticket": "2484207", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2484207", "description": ""}, {"ticket": "2498152", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2498152", "description": ""}], "cves": [{"name": "CVE-2026-27145", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27145", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore":"7.5", "cwe": "CWE-606"}, {"name": "CVE-2026-39821", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39821", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N", "cvss3BaseScore": "8.2", "cwe": "CWE-1289"}, {"name": "CVE-2026-39822", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39822", "cvss3ScoringVector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "cvss3BaseScore": "7.8", "cwe": "CWE-59"}], "references": [], "publishedAt": "2026-07-15T12:01:08.928069Z", "rpms": {"Rocky Linux 8": {"nvras": ["delve-0:1.26.1-1.module+el8.10.0+40244+e7cb3ff8.aarch64.rpm", "delve-0:1.26.1-1.module+el8.10.0+40244+e7cb3ff8.src.rpm", "delve-0:1.26.1-1.module+el8.10.0+40244+e7cb3ff8.x86_64.rpm", "delve-debuginfo-0:1.26.1-1.module+el8.10.0+40244+e7cb3ff8.aarch64.rpm", "delve-debuginfo-0:1.26.1-1.module+el8.10.0+40244+e7cb3ff8.x86_64.rpm", "delve-debugsource-0:1.26.1-1.module+el8.10.0+40244+e7cb3ff8.aarch64.rpm", "delve-debugsource-0:1.26.1-1.module+el8.10.0+40244+e7cb3ff8.x86_64.rpm", "golang-0:1.26.5-1.module+el8.10.0+40244+e7cb3ff8.aarch64.rpm", "golang-0:1.26.5-1.module+el8.10.0+40244+e7cb3ff8.src.rpm", "golang-0:1.26.5-1.module+el8.10.0+40244+e7cb3ff8.x86_64.rpm", "golang-bin-0:1.26.5-1.module+el8.10.0+40244+e7cb3ff8.aarch64.rpm", "golang-bin-0:1.26.5-1.module+el8.10.0+40244+e7cb3ff8.x86_64.rpm", "golang-docs-0:1.26.5-1.module+el8.10.0+40244+e7cb3ff8.noarch.rpm", "golang-misc-0:1.26.5-1.module+el8.10.0+40244+e7cb3ff8.noarch.rpm", "golang-race-0:1.26.5-1.module+el8.10.0+40244+e7cb3ff8.aarch64.rpm", "golang-race-0:1.26.5-1.module+el8.10.0+40244+e7cb3ff8.x86_64.rpm", "golang-src-0:1.26.5-1.module+el8.10.0+40244+e7cb3ff8.noarch.rpm", "golang-tests-0:1.26.5-1.module+el8.10.0+40244+e7cb3ff8.noarch.rpm", "go-toolset-0:1.26.5-1.module+el8.10.0+40244+e7cb3ff8.aarch64.rpm", "go-toolset-0:1.26.5-1.module+el8.10.0+40244+e7cb3ff8.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Rocky Linux updates for go-toolsetcontain important security fixes including denial of service and privilege escalation issues.. Rocky Linux, Go Toolset, Security Fixes, Privilege Escalation, Denial of Service. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 15, 2026 Important Rocky Linux
172

Ubuntu 16.04 LTS Linux kernel Privilege Escalation Vulnern USN-8548-1

Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-8548-1 July 15, 2026 linux-aws, linux-fips, linux-lts-xenial vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-fips: Linux kernel with FIPS - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty Details: It was discovered that a logic flaw existed in the XFRM ESP-in-TCP subsystem in the Linux kernel when handling socket buffer fragments. This flaw is known as Fragnesia. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-43503) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SCSI subsystem; - Thermal drivers; - USB over IP driver; - File systems infrastructure; - Ext4 file system; - Network file system (NFS) server daemon; - SMB network file system; - Tracing infrastructure; - B.A.T.M.A.N. meshing protocol; - Ceph Core library; - DCCP (Datagram Congestion Control Protocol); - IPv4 networking; - IPv6 networking; - Netfilter; - RxRPC session sockets; - X.25 network layer; (CVE-2021-47117, CVE-2021-47202, CVE-2023-52646, CVE-2024-56643, CVE-2026-23455, CVE-2026-31402, CVE-2026-31607, CVE-2026-31637, CVE-2026-31659, CVE-2026-31685, CVE-2026-43011, CVE-2026-43037, CVE-2026-43038, CVE-2026-43383, CVE-2026-43407, CVE-2026-43414, CVE-2026-45988, CVE-2026-46119, CVE-2026-46243) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS linux-image-4.4.0-1126-fips 4.4.0-1126.133 Available with Ubuntu Pro linux-image-fips 4.4.0.1126.128 Available with Ubuntu Pro Ubuntu 14.04 LTS linux-image-4.4.0-1156-aws 4.4.0-1156.162 Available with Ubuntu Pro linux-image-4.4.0-283-generic 4.4.0-283.317~14.04.1 Available with Ubuntu Pro linux-image-4.4.0-283-lowlatency 4.4.0-283.317~14.04.1 Available with Ubuntu Pro linux-image-aws 4.4.0.1156.153 Available with Ubuntu Pro linux-image-generic-lts-xenial 4.4.0.283.317~14.04.1 Available with Ubuntu Pro linux-image-lowlatency-lts-xenial 4.4.0.283.317~14.04.1 Available with Ubuntu Pro linux-image-virtual-lts-xenial 4.4.0.283.317~14.04.1 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-8548-1 CVE-2021-47117, CVE-2021-47202, CVE-2023-52646, CVE-2024-56643, CVE-2026-23455, CVE-2026-31402, CVE-2026-31607, CVE-2026-31637, CVE-2026-31659, CVE-2026-31685, CVE-2026-43011, CVE-2026-43037, CVE-2026-43038, CVE-2026-43383, CVE-2026-43407, CVE-2026-43414, CVE-2026-43503, CVE-2026-45988, CVE-2026-46119, CVE-2026-46243 Package Information: https://launchpad.net/ubuntu/+source/linux-fips/4.4.0-1126.133 . Securityupdate for Ubuntu addresses several critical flaws in the Linux kernel affecting multiple versions and subsystems.. Linux kernel security, Ubuntu update, Privilege escalation risk. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 15, 2026 Important Ubuntu
203

Mageia Thunderbird Important Security Updates 2026-0243 CVE-2026-12289

Security update. Publication date: 13 Jul 2026 URL: https://advisories.mageia.org/MGASA-2026-0243.html Type: security Affected Mageia releases: 10, 9 CVE: CVE-2026-12289, CVE-2026-12290, CVE-2026-12291, CVE-2026-12292, CVE-2026-12294, CVE-2026-12295, CVE-2026-12296, CVE-2026-12297, CVE-2026-12298, CVE-2026-12299, CVE-2026-12302, CVE-2026-12304, CVE-2026-12305, CVE-2026-12306, CVE-2026-12307, CVE-2026-12308, CVE-2026-12309, CVE-2026-12310, CVE-2026-12311, CVE-2026-12312, CVE-2026-12313, CVE-2026-12314, CVE-2026-12315, CVE-2026-12330, CVE-2026-12324, CVE-2026-12325, CVE-2026-12327, CVE-2026-12328, CVE-2026-12329, CVE-2026-57962, CVE-2026-57963 Description: The updated packages fix security vulnerabilities: Privilege escalation in the Graphics: WebRender component. (CVE-2026-12289) Memory safety bug fixed in Thunderbird ESR 140.12. (CVE-2026-12290) Use-after-free in the Networking: HTTP component. (CVE-2026-12291) Incorrect boundary conditions in the Web Audio component. (CVE-2026-12292) Sandbox escape in the DOM: Workers component. (CVE-2026-12294) Sandbox escape in the DOM: Navigation component. (CVE-2026-12295) Memory safety bug fixed in Thunderbird ESR 140.12. (CVE-2026-12298) Sandbox escape in the Security: Process Sandboxing component. (CVE-2026-12296) Sandbox escape due to incorrect boundary conditions in the Networking component. (CVE-2026-12297) JIT miscompilation in the DOM: Core & HTML component. (CVE-2026-12299) Memory safety bug fixed in Thunderbird ESR 140.12. (CVE-2026-12329) Mitigation bypass in the DOM: Security component. (CVE-2026-12302) Same-origin policy bypass in the Networking: Cookies component. (CVE-2026-12304) Memory safety bug fixed in Thunderbird ESR 140.12. (CVE-2026-12305) Memory safety bug fixed in Thunderbird ESR 140.12. (CVE-2026-12306) Memory safety bug fixed in Thunderbird ESR 140.12. (CVE-2026-12307) Memory safety bug fixed inThunderbird ESR 140.12. (CVE-2026-12308) Memory safety bug fixed in Thunderbird ESR 140.12. (CVE-2026-12309) Memory safety bug fixed in Thunderbird ESR 140.12. (CVE-2026-12310) Information disclosure, sandbox escape in the Security: Process Sandboxing component. (CVE-2026-12311) Memory safety bug fixed in Thunderbird ESR 140.12. (CVE-2026-12312) Information disclosure, sandbox escape in the Security: Process Sandboxing component. (CVE-2026-12313) Memory safety bug fixed in Thunderbird ESR 140.12. (CVE-2026-12314) Mitigation bypass in the DOM: Security component. (CVE-2026-12315) Incorrect boundary conditions in the Internationalization component. (CVE-2026-12330) Incorrect boundary conditions in the Graphics: CanvasWebGL component. (CVE-2026-12324) Denial-of-service in the Graphics: ImageLib component. (CVE-2026-12325) Memory safety bugs fixed in Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 152. (CVE-2026-12327) Memory safety bugs fixed in Firefox ESR 115.37, Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 152. (CVE-2026-12328) Denial-of-service via malicious LDAP address-book server. (CVE-2026-57962) Chat UI manipulation by injection. (CVE-2026-57963) References: - https://bugs.mageia.org/show_bug.cgi?id=35716 - https://www.thunderbird.net/en-US/thunderbird/140.12.0esr/releasenotes/ - https://www.mozilla.org/en-US/security/advisories/mfsa2026-61/ - https://www.thunderbird.net/en-US/thunderbird/140.12.1esr/releasenotes/ - https://www.mozilla.org/en-US/security/advisories/mfsa2026-64/ - https://www.cve.org/CVERecord?id=CVE-2026-12289 - https://www.cve.org/CVERecord?id=CVE-2026-12290 - https://www.cve.org/CVERecord?id=CVE-2026-12291 - https://www.cve.org/CVERecord?id=CVE-2026-12292 - https://www.cve.org/CVERecord?id=CVE-2026-12294 - https://www.cve.org/CVERecord?id=CVE-2026-12295 - https://www.cve.org/CVERecord?id=CVE-2026-12296 - https://www.cve.org/CVERecord?id=CVE-2026-12297 - https://www.cve.org/CVERecord?id=CVE-2026-12298 -https://www.cve.org/CVERecord?id=CVE-2026-12299 - https://www.cve.org/CVERecord?id=CVE-2026-12302 - https://www.cve.org/CVERecord?id=CVE-2026-12304 - https://www.cve.org/CVERecord?id=CVE-2026-12305 - https://www.cve.org/CVERecord?id=CVE-2026-12306 - https://www.cve.org/CVERecord?id=CVE-2026-12307 - https://www.cve.org/CVERecord?id=CVE-2026-12308 - https://www.cve.org/CVERecord?id=CVE-2026-12309 - https://www.cve.org/CVERecord?id=CVE-2026-12310 - https://www.cve.org/CVERecord?id=CVE-2026-12311 - https://www.cve.org/CVERecord?id=CVE-2026-12312 - https://www.cve.org/CVERecord?id=CVE-2026-12313 - https://www.cve.org/CVERecord?id=CVE-2026-12314 - https://www.cve.org/CVERecord?id=CVE-2026-12315 - https://www.cve.org/CVERecord?id=CVE-2026-12330 - https://www.cve.org/CVERecord?id=CVE-2026-12324 - https://www.cve.org/CVERecord?id=CVE-2026-12325 - https://www.cve.org/CVERecord?id=CVE-2026-12327 - https://www.cve.org/CVERecord?id=CVE-2026-12328 - https://www.cve.org/CVERecord?id=CVE-2026-12329 - https://www.cve.org/CVERecord?id=CVE-2026-57962 - https://www.cve.org/CVERecord?id=CVE-2026-57963 SRPMS: - 10/core/thunderbird-140.12.1-1.mga10 - 10/core/thunderbird-l10n-140.12.1-1.mga10 - 9/core/thunderbird-140.12.1-1.mga9 - 9/core/thunderbird-l10n-140.12.1-1.mga9 . Security updates fix several critical components in Thunderbird for Mageia including privilege escalation and memory safety bugs.. Mageia security advisory, Thunderbird update, privilege escalation, memory safety issues. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 Important Mageia
100

SUSE Linux Micro 6.2 QEMU Important Privilege Escalation CVE-2026-3886

An update that solves three vulnerabilities, contains one feature and has two fixes can now be installed.. # Security update for qemu Announcement ID: SUSE-SU-2026:22550-1 Release Date: 2026-07-07T17:46:01Z Rating: important References: * bsc#1199023 * bsc#1268061 * bsc#1268279 * bsc#1268794 * bsc#1270133 * jsc#PED-9266 Cross-References: * CVE-2026-3886 * CVE-2026-48004 * CVE-2026-48914 CVSS scores: * CVE-2026-3886 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2026-48004 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2026-48914 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:H * CVE-2026-48914 ( NVD ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:H Affected Products: * SUSE Linux Micro 6.2 An update that solves three vulnerabilities, contains one feature and has two fixes can now be installed. ## Description: This update for qemu fixes the following issues: Update to version 10.0.11. Security issues fixed: * CVE-2026-3886: integer overflow leading to privilege escalation due to lack of proper validation of user-supplied data in the virtio-gpu driver (bsc#1268061). * CVE-2026-48914: heap buffer overflow due to improper size validation in virtio-blk SCSI request handling (bsc#1268794). * CVE-2026-48004: heap use-after-free race condition due to missing rename lock in v9fs_co_readdir_many (bsc#1270133). Other updates and bugfixes: * Version 10.0.11: * Full backport list here: https://lore.kernel.org/qemu- devel/This email address is being protected from spambots. You need JavaScript enabled to view it./ * Version 10.0.10: * Full backport list here: https://lore.kernel.org/qemu- devel/This email address is being protected from spambots. You need JavaScript enabled to view it./ * ppc/spapr: Skip system reset for quiesced CPUs (bsc#1268279). * i386/tdx: handle TDG.VP.VMCALL (jsc#PED-9266). * i386/tdx: handle TDG.VP.VMCALL (jsc#PED-9266). * update Linux headers to v6.16-rc3 (jsc#PED-9266). * i386/cpu: Warn about why CPUID_EXT_PDCM is notavailable (jsc#PED-9266). * i386/cpu: Move adjustment of CPUID_EXT_PDCM before feature_dependencies[] check (jsc#PED-9266). * [openSUSE] qemu-ga: fix service file against no-autostart (bsc#1199023). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Micro 6.2 zypper in -t patch SUSE-SL-Micro-6.2-1174=1 ## Package List: * SUSE Linux Micro 6.2 (noarch) * qemu-seabios-10.0.111.16.3_3_g3d33c746-160000.1.1 * qemu-lang-10.0.11-160000.1.1 * qemu-ipxe-10.0.11-160000.1.1 * qemu-SLOF-10.0.11-160000.1.1 * qemu-vgabios-10.0.111.16.3_3_g3d33c746-160000.1.1 * SUSE Linux Micro 6.2 (aarch64 ppc64le s390x x86_64) * qemu-10.0.11-160000.1.1 * qemu-chardev-spice-10.0.11-160000.1.1 * qemu-ui-spice-core-10.0.11-160000.1.1 * qemu-hw-usb-host-10.0.11-160000.1.1 * qemu-chardev-spice-debuginfo-10.0.11-160000.1.1 * qemu-ui-opengl-debuginfo-10.0.11-160000.1.1 * qemu-audio-spice-debuginfo-10.0.11-160000.1.1 * qemu-block-ssh-10.0.11-160000.1.1 * qemu-guest-agent-debuginfo-10.0.11-160000.1.1 * qemu-hw-display-virtio-vga-10.0.11-160000.1.1 * qemu-ui-opengl-10.0.11-160000.1.1 * qemu-debugsource-10.0.11-160000.1.1 * qemu-block-iscsi-10.0.11-160000.1.1 * qemu-img-10.0.11-160000.1.1 * qemu-hw-display-virtio-gpu-pci-10.0.11-160000.1.1 * qemu-hw-display-virtio-gpu-debuginfo-10.0.11-160000.1.1 * qemu-block-ssh-debuginfo-10.0.11-160000.1.1 * qemu-hw-usb-host-debuginfo-10.0.11-160000.1.1 * qemu-img-debuginfo-10.0.11-160000.1.1 * qemu-block-iscsi-debuginfo-10.0.11-160000.1.1 * qemu-audio-spice-10.0.11-160000.1.1 * qemu-hw-usb-redirect-debuginfo-10.0.11-160000.1.1 * qemu-hw-display-virtio-gpu-10.0.11-160000.1.1 * qemu-hw-display-virtio-vga-debuginfo-10.0.11-160000.1.1 * qemu-hw-usb-redirect-10.0.11-160000.1.1 *qemu-pr-helper-10.0.11-160000.1.1 * qemu-pr-helper-debuginfo-10.0.11-160000.1.1 * qemu-ui-spice-core-debuginfo-10.0.11-160000.1.1 * qemu-ksm-10.0.11-160000.1.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-10.0.11-160000.1.1 * qemu-debuginfo-10.0.11-160000.1.1 * qemu-guest-agent-10.0.11-160000.1.1 * qemu-hw-display-qxl-debuginfo-10.0.11-160000.1.1 * qemu-tools-10.0.11-160000.1.1 * qemu-hw-display-qxl-10.0.11-160000.1.1 * qemu-tools-debuginfo-10.0.11-160000.1.1 * SUSE Linux Micro 6.2 (x86_64) * qemu-vmsr-helper-debuginfo-10.0.11-160000.1.1 * qemu-vmsr-helper-10.0.11-160000.1.1 * qemu-x86-10.0.11-160000.1.1 * qemu-x86-debuginfo-10.0.11-160000.1.1 * SUSE Linux Micro 6.2 (s390x) * qemu-s390x-debuginfo-10.0.11-160000.1.1 * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-10.0.11-160000.1.1 * qemu-hw-s390x-virtio-gpu-ccw-10.0.11-160000.1.1 * qemu-s390x-10.0.11-160000.1.1 * SUSE Linux Micro 6.2 (ppc64le) * qemu-ppc-10.0.11-160000.1.1 * qemu-ppc-debuginfo-10.0.11-160000.1.1 * SUSE Linux Micro 6.2 (aarch64) * qemu-arm-10.0.11-160000.1.1 * qemu-arm-debuginfo-10.0.11-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-3886.html * https://www.suse.com/security/cve/CVE-2026-48004.html * https://www.suse.com/security/cve/CVE-2026-48914.html * https://bugzilla.suse.com/show_bug.cgi?id=1199023 * https://bugzilla.suse.com/show_bug.cgi?id=1268061 * https://bugzilla.suse.com/show_bug.cgi?id=1268279 * https://bugzilla.suse.com/show_bug.cgi?id=1268794 * https://bugzilla.suse.com/show_bug.cgi?id=1270133 * https://jira.suse.com/browse/PED-9266 . Important security update for SUSE's qemu addresses multiple vulnerabilities including buffer overflows and privilege escalations.. SUSE Linux Micro, qemu vulnerabilities, security patch, privilege escalation, heap overflow. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 13, 2026 Important SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200