Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -7 articles for you...
203
security advisoryinformation leaksymmetric cryptographyMageia 9: 2025-0184 moderate: golang information leak and handling issues
Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVE-2025-4673. os: inconsistent handling of O_CREATE|O_EXCL on Unix and Windows os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and . MGASA-2025-0184 - Updated golang packages fix security vulnerabilities Publication date: 09 Jun 2025 URL: https://advisories.mageia.org/MGASA-2025-0184.html Type: security Affected Mageia releases: 9 CVE: CVE-2025-4673, CVE-2025-0913, CVE-2025-22874 Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVE-2025-4673. os: inconsistent handling of O_CREATE|O_EXCL on Unix and Windows os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent location, OpenFile would create a file in that location - CVE-2025-0913. crypto/x509: usage of ExtKeyUsageAny disables policy validation. Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon - CVE-2025-22874. OpenFile now always returns an error when the O_CREATE and O_EXCL flags are both set and the target path is a symlink. References: - https://bugs.mageia.org/show_bug.cgi?id=34353 - https://www.openwall.com/lists/oss-security/2025/06/05/5 - https://www.cve.org/CVERecord?id=CVE-2025-4673 - https://www.cve.org/CVERecord?id=CVE-2025-0913 - https://www.cve.org/CVERecord?id=CVE-2025-22874 SRPMS: - 9/core/golang-1.24.4-1.mga9 . Recent updates to Golang packages mitigate serious data leakage and management concerns impacting Mageia systems. Discover essential resolutions and their implications.. Mageia security, golang update, informationleak, proxy vulnerabilities, cross-origin issues. . LinuxSecurity.com Team
Jun 09, 2025
Mageia
89
security advisoryFedoramedium severityUbuntu 16.04: UBN-2021-112 High: OpenSSL Security Patch
Updated package.. ---------------------------------------------------------------------Fedora Update Notification FEDORA-2005-162 2005-03-17 ---------------------------------------------------------------------Product : Fedora Core 3 Name : libsoup Version : 2.2.2 Release : 1.FC3 Summary : Soup, an HTTP library implementation Description : Libsoup is an HTTP library implementation in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications. This enables GNOME applications to access HTTP servers on the network in a completely asynchronous fashion, very similar to the Gtk+ programming model (a synchronous operation mode is also supported for those who want it). ---------------------------------------------------------------------Update Information: Changes in libsoup from 2.2.1 to 2.2.2: * The SSL validation fix from 2.2.1 [64414] is now completely fixed. (Part of the fix didn't actually make it into 2.2.1) * HTTPS certificate validation now works when using an HTTP proxy. [68583] * HTTP proxy code deals better with proxies that try to make the user do HTML-form-based authentication. [68531] * 64-bit fixes for NTLM auth code. [70323, from Michael Zucchi] ---------------------------------------------------------------------* Mon Feb 21 2005 David Malcolm - 2.2.2-1.FC3 - update from 2.2.1 to 2.2.2 ---------------------------------------------------------------------This update can be downloaded from: fb73de21f6132a8e400fc7e898ecc0ec SRPMS/libsoup-2.2.2-1.FC3.src.rpm 21c68360fc0a8dbfc04fb460f513a2fb x86_64/libsoup-2.2.2-1.FC3.x86_64.rpm 4a2058515b6a418f0b74d8f0b2f497ad x86_64/libsoup-devel-2.2.2-1.FC3.x86_64.rpm 4f53720e5385fbf232eadd44d2e06935 x86_64/debug/libsoup-debuginfo-2.2.2-1.FC3.x86_64.rpm 65821624199289f1e0fec03b4a4c476f x86_64/libsoup-2.2.2-1.FC3.i386.rpm 65821624199289f1e0fec03b4a4c476f i386/libsoup-2.2.2-1.FC3.i386.rpm 6d06bc53927ef018b27394d88cb29705 i386/libsoup-devel-2.2.2-1.FC3.i386.rpm e7b565743ce4e9784e4e475b1f89a268 i386/debug/libsoup-debuginfo-2.2.2-1.FC3.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. -----------------------------------------------------------------------fedora-announce-list mailing list
Mar 17, 2005
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!