Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 488
Alerts This Week
Warning Icon 1 488

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 752 articles for you...
219

Rocky Linux python3.12 Major Denial of Service Fix RLSA-2026-39893 Released

Important: python3.12 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:39893", "synopsis": "Important: python3.12 security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for python3.12.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* python: Python: CPU Denial of Service in HTML parser via repeated unterminated markup declarations (CVE-2026-15308)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2498608", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2498608", "description": ""}], "cves": [{"name": "CVE-2026-15308", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-15308", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-835"}], "references": [], "publishedAt": "2026-07-16T00:01:09.519027Z", "rpms": {"Rocky Linux 8": {"nvras": ["python3.12-0:3.12.13-3.el8_10.aarch64.rpm", "python3.12-0:3.12.13-3.el8_10.i686.rpm", "python3.12-0:3.12.13-3.el8_10.src.rpm", "python3.12-0:3.12.13-3.el8_10.x86_64.rpm", "python3.12-debug-0:3.12.13-3.el8_10.aarch64.rpm", "python3.12-debug-0:3.12.13-3.el8_10.i686.rpm", "python3.12-debug-0:3.12.13-3.el8_10.x86_64.rpm", "python3.12-debuginfo-0:3.12.13-3.el8_10.aarch64.rpm","python3.12-debuginfo-0:3.12.13-3.el8_10.i686.rpm", "python3.12-debuginfo-0:3.12.13-3.el8_10.x86_64.rpm", "python3.12-debugsource-0:3.12.13-3.el8_10.aarch64.rpm", "python3.12-debugsource-0:3.12.13-3.el8_10.i686.rpm", "python3.12-debugsource-0:3.12.13-3.el8_10.x86_64.rpm", "python3.12-devel-0:3.12.13-3.el8_10.aarch64.rpm", "python3.12-devel-0:3.12.13-3.el8_10.i686.rpm", "python3.12-devel-0:3.12.13-3.el8_10.x86_64.rpm", "python3.12-idle-0:3.12.13-3.el8_10.aarch64.rpm", "python3.12-idle-0:3.12.13-3.el8_10.i686.rpm", "python3.12-idle-0:3.12.13-3.el8_10.x86_64.rpm", "python3.12-libs-0:3.12.13-3.el8_10.aarch64.rpm", "python3.12-libs-0:3.12.13-3.el8_10.i686.rpm", "python3.12-libs-0:3.12.13-3.el8_10.x86_64.rpm", "python3.12-rpm-macros-0:3.12.13-3.el8_10.noarch.rpm", "python3.12-test-0:3.12.13-3.el8_10.aarch64.rpm", "python3.12-test-0:3.12.13-3.el8_10.i686.rpm", "python3.12-test-0:3.12.13-3.el8_10.x86_64.rpm", "python3.12-tkinter-0:3.12.13-3.el8_10.aarch64.rpm", "python3.12-tkinter-0:3.12.13-3.el8_10.i686.rpm", "python3.12-tkinter-0:3.12.13-3.el8_10.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. An important security update for python3.12 in Rocky Linux addresses a denial of service issue. Update recommended.. Rocky Linux, python3.12, Denial Of Service, Important Security, Update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 16, 2026 Important Rocky Linux
219

Rocky Linux python3.12 Important CPU Denial of Service RLSA-2026-39183

Important: python3.12 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2026:39183", "synopsis": "Important: python3.12 security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for python3.12.\nThis update affects Rocky Linux 10.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nSecurity Fix(es):\n\n* python: Python: CPU Denial of Service in HTML parser via repeated unterminated markup declarations (CVE-2026-15308)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 10"], "fixes": [{"ticket": "2498608", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2498608", "description": ""}], "cves": [{"name": "CVE-2026-15308", "sourceBy": "MITRE", "sourceLink": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-15308", "cvss3ScoringVector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "cvss3BaseScore": "7.5", "cwe": "CWE-835"}], "references": [], "publishedAt": "2026-07-15T12:06:01.640959Z", "rpms": {"Rocky Linux 10": {"nvras": ["python3-test-0:3.12.13-2.el10_2.1.ppc64le.rpm", "python3-devel-0:3.12.13-2.el10_2.1.aarch64.rpm", "python3-libs-0:3.12.13-2.el10_2.1.ppc64le.rpm", "python3-debug-0:3.12.13-2.el10_2.1.ppc64le.rpm", "python3-devel-0:3.12.13-2.el10_2.1.x86_64.rpm", "python3-test-0:3.12.13-2.el10_2.1.aarch64.rpm", "python3-idle-0:3.12.13-2.el10_2.1.ppc64le.rpm", "python3.12-debugsource-0:3.12.13-2.el10_2.1.s390x.rpm","python3-libs-0:3.12.13-2.el10_2.1.x86_64.rpm", "python3-debug-0:3.12.13-2.el10_2.1.x86_64.rpm", "python3-test-0:3.12.13-2.el10_2.1.x86_64.rpm", "python3-0:3.12.13-2.el10_2.1.aarch64.rpm", "python3.12-debugsource-0:3.12.13-2.el10_2.1.ppc64le.rpm", "python3-libs-0:3.12.13-2.el10_2.1.s390x.rpm", "python3.12-debuginfo-0:3.12.13-2.el10_2.1.x86_64.rpm", "python3-tkinter-0:3.12.13-2.el10_2.1.s390x.rpm", "python3.12-debuginfo-0:3.12.13-2.el10_2.1.aarch64.rpm", "python3-0:3.12.13-2.el10_2.1.s390x.rpm", "python3-idle-0:3.12.13-2.el10_2.1.aarch64.rpm", "python3-devel-0:3.12.13-2.el10_2.1.ppc64le.rpm", "python3-idle-0:3.12.13-2.el10_2.1.s390x.rpm", "python3-0:3.12.13-2.el10_2.1.x86_64.rpm", "python3-idle-0:3.12.13-2.el10_2.1.x86_64.rpm", "python3-0:3.12.13-2.el10_2.1.ppc64le.rpm", "python3-test-0:3.12.13-2.el10_2.1.s390x.rpm", "python-unversioned-command-0:3.12.13-2.el10_2.1.noarch.rpm", "python3-tkinter-0:3.12.13-2.el10_2.1.ppc64le.rpm", "python3.12-debuginfo-0:3.12.13-2.el10_2.1.s390x.rpm", "python3-libs-0:3.12.13-2.el10_2.1.aarch64.rpm", "python3.12-0:3.12.13-2.el10_2.1.src.rpm", "python3-debug-0:3.12.13-2.el10_2.1.s390x.rpm", "python3-tkinter-0:3.12.13-2.el10_2.1.x86_64.rpm", "python3-devel-0:3.12.13-2.el10_2.1.s390x.rpm", "python3.12-debugsource-0:3.12.13-2.el10_2.1.aarch64.rpm", "python3-debug-0:3.12.13-2.el10_2.1.aarch64.rpm", "python3.12-debugsource-0:3.12.13-2.el10_2.1.x86_64.rpm", "python3-tkinter-0:3.12.13-2.el10_2.1.aarch64.rpm", "python3.12-debuginfo-0:3.12.13-2.el10_2.1.ppc64le.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Updated python3.12 releases for Rocky Linux 10 address a critical CPU denial of service issue affecting the HTML parser.. Rocky Linux python3 update, CPU denial service security, important security patch, python3.12 advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 15, 2026 Important Rocky Linux
172

Ubuntu 26.04 LTS Python-idna Important DoS Issue 8549-1

idna could be made to consume resources if it received specially crafted input.. ========================================================================== Ubuntu Security Notice USN-8549-1 July 15, 2026 python-idna vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 26.04 LTS - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS Summary: idna could be made to consume resources if it received specially crafted input. Software Description: - python-idna: Python IDNA2008 (RFC 5891) handling Details: It was discovered that idna did not properly reject oversized inputs before performing expensive processing. An attacker could possibly use this issue to cause idna to consume significant resources, leading to a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 26.04 LTS python3-idna 3.11-1ubuntu0.1 Ubuntu 24.04 LTS python3-idna 3.6-2ubuntu0.2 Ubuntu 22.04 LTS python3-idna 3.3-1ubuntu0.2 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8549-1 CVE-2026-45409 Package Information: https://launchpad.net/ubuntu/+source/python-idna/3.11-1ubuntu0.1 https://launchpad.net/ubuntu/+source/python-idna/3.6-2ubuntu0.2 https://launchpad.net/ubuntu/+source/python-idna/3.3-1ubuntu0.2 . A significant security issue affects Ubuntu systems involving idna, which can lead to resource consumption with crafted input.. Ubuntu Security, Denial of Service, Python IDNA, Resource Consumption, Security Advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 15, 2026 Important Ubuntu
202

openSUSE Tumbleweed python313-django-debug-toolbar CVE-2021-30459 Issue

An update that solves one vulnerability can now be installed.. # python313-django-debug-toolbar-7.0.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:11271-1 Rating: moderate Cross-References: * CVE-2021-30459 Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the python313-django-debug-toolbar-7.0.0-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * python313-django-debug-toolbar 7.0.0-1.1 * python314-django-debug-toolbar 7.0.0-1.1 ## References: * https://www.suse.com/security/cve/CVE-2021-30459.html . OpenSUSE Tumbleweed provides a moderate security fix for python313-django-debug-toolbar addressing CVE-2021-30459.. opensuse update, django debugger, security patch, moderate severity, python application. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jul 15, 2026 moderate OpenSUSE
217

Oracle Linux 8 vim Important Code Exec Risk ELSA-2026-38510

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-38510 http://linux.oracle.com/errata/ELSA-2026-38510.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: vim-X11-8.0.1763-27.0.1.el8_10.x86_64.rpm vim-common-8.0.1763-27.0.1.el8_10.x86_64.rpm vim-enhanced-8.0.1763-27.0.1.el8_10.x86_64.rpm vim-filesystem-8.0.1763-27.0.1.el8_10.noarch.rpm vim-minimal-8.0.1763-27.0.1.el8_10.x86_64.rpm aarch64: vim-X11-8.0.1763-27.0.1.el8_10.aarch64.rpm vim-common-8.0.1763-27.0.1.el8_10.aarch64.rpm vim-enhanced-8.0.1763-27.0.1.el8_10.aarch64.rpm vim-filesystem-8.0.1763-27.0.1.el8_10.noarch.rpm vim-minimal-8.0.1763-27.0.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/vim-8.0.1763-27.0.1.el8_10.src.rpm Related CVEs: CVE-2026-46483 CVE-2026-47162 CVE-2026-47167 CVE-2026-52858 Description of changes: [8.0.1763-27.0.1] - Remove upstream references [Orabug: 31197557] - Added glibc-gconv-extra to common requires to provide ISO-8859-2 [Orabug: 34114984] [2:8.0.1763-27] - RHEL-186656 CVE-2026-47162 vim: netrw code injection via NetrwBookHistSave - RHEL-186648 CVE-2026-52858 vim: possible code execution with python3complete [2:8.0.1763-26] - CVE-2026-47167 vim: Code Injection in cucumber filetype plugin [2:8.0.1763-25] - RHEL-178234 CVE-2026-46483 vim: command injection in tar plugin via shellescape _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 8 updates for vim address code execution and injection risks. Users are advised to apply the updates promptly.. Oracle Linux 8, vim update, code injection, security advisory, system stability. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 14, 2026 Important Oracle
202

openSUSE Tumbleweed python313-websockets Moderate Issue CVE-2018-1000518

An update that solves one vulnerability can now be installed.. # python313-websockets-16.0-2.1 on GA media Announcement ID: openSUSE-SU-2026:11240-1 Rating: moderate Cross-References: * CVE-2018-1000518 Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the python313-websockets-16.0-2.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * python313-websockets 16.0-2.1 * python314-websockets 16.0-2.1 ## References: * https://www.suse.com/security/cve/CVE-2018-1000518.html . An update for openSUSE addresses moderate severity security issues in python313-websockets package.. openSUSE Tumbleweed, python313-websockets, security alert, package update. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jul 12, 2026 moderate OpenSUSE
100

SUSE Manager Client Tools Important Security Update 2026-22527-1

An update that solves nine vulnerabilities, contains one feature and has 12 fixes can now be installed.. # Security update for SUSE Manager Client Tools and Salt Bundle Announcement ID: SUSE-SU-2026:22527-1 Release Date: 2025-02-03T09:00:46Z Rating: important References: * bsc#1219041 * bsc#1220357 * bsc#1222842 * bsc#1226141 * bsc#1226447 * bsc#1226448 * bsc#1226469 * bsc#1227547 * bsc#1228105 * bsc#1228780 * bsc#1229109 * bsc#1229539 * bsc#1229654 * bsc#1229704 * bsc#1229873 * bsc#1229994 * bsc#1229995 * bsc#1229996 * bsc#1230058 * bsc#1230059 * bsc#1230322 * jsc#MSQA-863 Cross-References: * CVE-2024-0397 * CVE-2024-3651 * CVE-2024-37891 * CVE-2024-4032 * CVE-2024-5569 * CVE-2024-6345 * CVE-2024-6923 * CVE-2024-7592 * CVE-2024-8088 CVSS scores: * CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2024-0397 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-3651 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3651 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3651 ( NVD ): 6.2 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-37891 ( SUSE ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-37891 ( NVD ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-37891 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-4032 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-5569 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-5569 ( NVD ): 6.2 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-6345 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-6345 ( NVD ): 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-6923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-6923 ( NVD ): 5.5CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8088 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-8088 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-8088 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:X/RE:L/U:X Affected Products: * SUSE Linux Micro 6.0 * SUSE Linux Micro 6.1 * SUSE Multi-Linux Manager Client Tools for SUSE Linux Micro 6 An update that solves nine vulnerabilities, contains one feature and has 12 fixes can now be installed. ## Description: This update for SUSE Manager Client Tools and Salt Bundle the following issues: uyuni-tools: venv-salt-minion: * Security fixes on Python 3.11 interpreter: * CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes (bsc#1229873, bsc#1230059) * CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path (bsc#1229704, bsc#1230058) * CVE-2024-6923: Prevent email header injection due to unquoted newlines (bsc#1228780) * CVE-2024-4032: Rearranging definition of private global IP addresses (bsc#1226448) * CVE-2024-0397: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads (bsc#1226447) * Security fixes on Python dependencies: * CVE-2024-5569: zipp: Fixed a Denial of Service (DoS) vulnerability in the jaraco/zipp library (bsc#1227547, bsc#1229996) * CVE-2024-6345: setuptools: Sanitize any VCS URL used for download (bsc#1228105, bsc#1229995) * CVE-2024-3651:idna: Fix a potential DoS via resource consumption via specially crafted inputs to idna.encode() (bsc#1222842, bsc#1229994) * CVE-2024-37891: urllib3: Added the `Proxy-Authorization` header to the list of headers to strip from requests when redirecting to a different host (bsc#1226469, bsc#1229654) * Other bugs fixed: * Fixed failing x509 tests with OpenSSL < 1.1 * Avoid explicit reading of /etc/salt/minion (bsc#1220357) * Allow NamedLoaderContexts to be returned from loader * Reverted the change making reactor less blocking (bsc#1230322) * Use --cachedir for extension_modules in salt-call (bsc#1226141) * Prevent using SyncWrapper with no reason * Enable post_start_cleanup.sh to work in a transaction * Fixed the SELinux context for Salt Minion service (bsc#1219041) * Increase warn_until_date date for code we still support * Avoid crash on wrong output of systemctl version (bsc#1229539) * Improved error handling with different OpenSSL versions * Fixed cloud Minion configuration for multiple Masters (bsc#1229109) * Use Pygit2 id instead of deprecated oid in gitfs * Added passlib Python module to the bundle ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Multi-Linux Manager Client Tools for SUSE Linux Micro 6 zypper in -t patch Multi-Linux-ManagerTools-SL-Micro-669=1 ## Package List: * SUSE Multi-Linux Manager Client Tools for SUSE Linux Micro 6 (aarch64 ppc64le s390x x86_64) * mgrctl-debuginfo-0.1.23-2.1 * mgrctl-0.1.23-2.1 * venv-salt-minion-3006.0-3.1 * SUSE Multi-Linux Manager Client Tools for SUSE Linux Micro 6 (noarch) * mgrctl-zsh-completion-0.1.23-2.1 * mgrctl-lang-0.1.23-2.1 * mgrctl-bash-completion-0.1.23-2.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0397.html *https://www.suse.com/security/cve/CVE-2024-3651.html * https://www.suse.com/security/cve/CVE-2024-37891.html * https://www.suse.com/security/cve/CVE-2024-4032.html * https://www.suse.com/security/cve/CVE-2024-5569.html * https://www.suse.com/security/cve/CVE-2024-6345.html * https://www.suse.com/security/cve/CVE-2024-6923.html * https://www.suse.com/security/cve/CVE-2024-7592.html * https://www.suse.com/security/cve/CVE-2024-8088.html * https://bugzilla.suse.com/show_bug.cgi?id=1219041 * https://bugzilla.suse.com/show_bug.cgi?id=1220357 * https://bugzilla.suse.com/show_bug.cgi?id=1222842 * https://bugzilla.suse.com/show_bug.cgi?id=1226141 * https://bugzilla.suse.com/show_bug.cgi?id=1226447 * https://bugzilla.suse.com/show_bug.cgi?id=1226448 * https://bugzilla.suse.com/show_bug.cgi?id=1226469 * https://bugzilla.suse.com/show_bug.cgi?id=1227547 * https://bugzilla.suse.com/show_bug.cgi?id=1228105 * https://bugzilla.suse.com/show_bug.cgi?id=1228780 * https://bugzilla.suse.com/show_bug.cgi?id=1229109 * https://bugzilla.suse.com/show_bug.cgi?id=1229539 * https://bugzilla.suse.com/show_bug.cgi?id=1229654 * https://bugzilla.suse.com/show_bug.cgi?id=1229704 * https://bugzilla.suse.com/show_bug.cgi?id=1229873 * https://bugzilla.suse.com/show_bug.cgi?id=1229994 * https://bugzilla.suse.com/show_bug.cgi?id=1229995 * https://bugzilla.suse.com/show_bug.cgi?id=1229996 * https://bugzilla.suse.com/show_bug.cgi?id=1230058 * https://bugzilla.suse.com/show_bug.cgi?id=1230059 * https://bugzilla.suse.com/show_bug.cgi?id=1230322 * https://jira.suse.com/browse/MSQA-863 . Critical SUSE update addresses nine security issues in Manager Client Tools and Salt, emphasizing importance of patching promptly.. SUSE Manager Client Tools, Salt Bundle, security update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 10, 2026 Important SuSE
203

Mageia vim Important Multiple Code Execution Flaws Advisory 2026-0240

Security update. Publication date: 10 Jul 2026 URL: https://advisories.mageia.org/MGASA-2026-0240.html Type: security Affected Mageia releases: 10, 9 CVE: CVE-2026-52858, CVE-2026-52859, CVE-2026-52860, CVE-2026-55693, CVE-2026-55892, CVE-2026-55895, CVE-2026-57451, CVE-2026-57452, CVE-2026-57453, CVE-2026-57454, CVE-2026-57455, CVE-2026-57456 Description: The updated packages fix security vulnerabilities: Arbitrary Code Execution via Python Omni-Completion in Vim < 9.2.0561. (CVE-2026-52858) Out-of-bounds Read in Terminal Screen Snapshot in Vim < 9.2.0565. (CVE-2026-52859) Arbitrary Code Execution via Python Omni-Completion in Vim < 9.2.0597. (CVE-2026-52860) Out-of-bounds Write in Spell File Word Count in Vim < 9.2.0653. (CVE-2026-55693) Out-of-bounds Write in Spell File Prefix Dump in Vim < 9.2.0662. (CVE-2026-55892) Vimscript Code Injection in netrw NetrwLocalRmFile() via crafted filename affects Vim < 9.2.0663. (CVE-2026-55895) Out-of-bounds Read in Text Property Count in Vim < 9.2.0670. (CVE-2026-57451) Out-of-bounds Read with libsodium-encrypted Files in Vim < 9.2.0671. (CVE-2026-57452) PowerShell Command Injection in zip.vim via Crafted Archive Entry Names in Vim > 9.1.1783 && Vim < 9.2.0678. (CVE-2026-57453) Out-of-bounds Read with Text Properties in Vim > = 9.2.0320 && Vim < 9.2.0679. (CVE-2026-57454) Out-of-bounds Write in SOFO Soundfolding in Vim < 9.2.0698. (CVE-2026-57455) Arbitrary Code Execution via Python Omni-Completion Docstrings in Vim < 9.2.0699. (CVE-2026-57456) References: - https://bugs.mageia.org/show_bug.cgi?id=35580 - https://www.openwall.com/lists/oss-security/2026/05/22/13 - https://github.com/vim/vim/security/advisories/GHSA-3h95-3962-mmvf - https://www.openwall.com/lists/oss-security/2026/05/29/5 - https://github.com/vim/vim/security/advisories/GHSA-52mc-rq6p-rc7c - https://www.openwall.com/lists/oss-security/2026/05/30/4 - https://github.com/vim/vim/security/advisories/GHSA-47gw-8gc3-mgcm -https://www.openwall.com/lists/oss-security/2026/06/04/14 - https://github.com/vim/vim/security/advisories/GHSA-65p9-mwwx-7468 - https://www.openwall.com/lists/oss-security/2026/06/15/8 - https://github.com/vim/vim/security/advisories/GHSA-wgh4-64f7-q3jq - https://www.openwall.com/lists/oss-security/2026/06/16/12 - https://github.com/vim/vim/security/advisories/GHSA-qm9w-fmpj-879h - https://www.openwall.com/lists/oss-security/2026/06/16/13 - https://github.com/vim/vim/security/advisories/GHSA-vhh8-v6wx-hjjh - https://www.openwall.com/lists/oss-security/2026/06/17/10 - https://github.com/vim/vim/security/advisories/GHSA-f36c-2qcp-7gpw - https://www.openwall.com/lists/oss-security/2026/06/18/7 - https://github.com/vim/vim/security/advisories/GHSA-c4j9-wr9j-4486 - https://www.openwall.com/lists/oss-security/2026/06/20/2 - https://github.com/vim/vim/security/advisories/GHSA-x5fg-h5w9-9frf - https://www.openwall.com/lists/oss-security/2026/06/20/3 - https://github.com/vim/vim/security/advisories/GHSA-ww8h-47xp-hp4w - https://www.openwall.com/lists/oss-security/2026/06/21/1 - https://github.com/vim/vim/security/advisories/GHSA-q8mh-6qm3-25g4 - https://www.openwall.com/lists/oss-security/2026/06/21/2 - https://github.com/vim/vim/security/advisories/GHSA-ppj8-wqjf-6fp3 - https://www.openwall.com/lists/oss-security/2026/06/24/9 - https://github.com/vim/vim/security/advisories/GHSA-m3hf-xcm3-xhm2 - https://www.openwall.com/lists/oss-security/2026/06/27/6 - https://github.com/vim/vim/security/advisories/GHSA-mf92-v4xw-j45x - https://www.openwall.com/lists/oss-security/2026/06/28/1 - https://github.com/vim/vim/security/advisories/GHSA-fh26-8f79-wj97 - https://www.cve.org/CVERecord?id=CVE-2026-52858 - https://www.cve.org/CVERecord?id=CVE-2026-52859 - https://www.cve.org/CVERecord?id=CVE-2026-52860 - https://www.cve.org/CVERecord?id=CVE-2026-55693 - https://www.cve.org/CVERecord?id=CVE-2026-55892 - https://www.cve.org/CVERecord?id=CVE-2026-55895 - https://www.cve.org/CVERecord?id=CVE-2026-57451 -https://www.cve.org/CVERecord?id=CVE-2026-57452 - https://www.cve.org/CVERecord?id=CVE-2026-57453 - https://www.cve.org/CVERecord?id=CVE-2026-57454 - https://www.cve.org/CVERecord?id=CVE-2026-57455 - https://www.cve.org/CVERecord?id=CVE-2026-57456 SRPMS: - 10/core/vim-9.2.782-1.mga10 - 9/core/vim-9.2.782-1.mga9 . Latest Mageia security update addresses critical issues in vim with multiple vulnerabilities fixed to enhance security.. Mageia vim security patch arbitrary code execution security fixes. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 10, 2026 Important Mageia
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200