Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Debian Stretch: DLA-2893-1 Moderate: Pillow Denial Of Service Risk

-------------------------------------------------------------------------
Debian LTS Advisory DLA-2893-1
https://www.debian.org/lts/security/
Emilio Pozuelo Monfort
January 23, 2022
https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : pillow
Version : 4.0.0-4+deb9u4
CVE ID : CVE-2022-22815 CVE-2022-22816 CVE-2022-22817

Multiple security issues were discovered in Pillow, a Python imaging library, which could result in denial of service and potentially the execution of arbitrary code if malformed images are processed.

For Debian 9 stretch, these problems have been fixed in version 4.0.0-4+deb9u4.

We recommend that you upgrade your pillow packages.

For the detailed security status of pillow please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/pillow

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at:
https://wiki.debian.org/LTS

Vulnerabilities in the Pillow library highlighted in Debian LTS Advisory DLA-2901-1, concerning potential denial of service attacks and risks of arbitrary code execution.

Debian LTS, Pillow Security Update, Python Imaging Library, Denial of Service.

LinuxSecurity.com Team

Jan 23, 2022 Debian LTS

Debian 9: DLA-2716-1 Critical: Pillow DoS and Buffer Overflow Issues

-------------------------------------------------------------------------
Debian LTS Advisory DLA-2716-1
https://www.debian.org/lts/security/
Neil Williams
July 22, 2021
https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : pillow
Version : 4.0.0-4+deb9u3
CVE ID : CVE-2020-35653 CVE-2021-25290 CVE-2021-28676 CVE-2021-28677 CVE-2021-34552
Debian Bug : #991293, #989062

Several vulnerabilities have been discovered in pillow (Python Imaging Library - PIL).

Affected binary packages:

    python-imaging
    python-pil-dbg
    python-pil-doc
    python-pil.imagetk-dbg
    python-pil.imagetk
    python-pil
    python3-pil-dbg
    python3-pil.imagetk-dbg
    python3-pil.imagetk
    python3-pil

CVE-2020-35653

    Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.

CVE-2021-25290

    An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size.

CVE-2021-28676

    An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block advance was non-zero, potentially leading to an infinite loop on load.

CVE-2021-28677

    An issue was discovered in Pillow before 8.2.0. For EPS data, the readline implementation used in EPSImageFile has to deal with any combination of \r and \n as line endings. It used an accidentally quadratic method of accumulating lines while looking for a line ending. A malicious EPS file could use this to perform a DoS of Pillow in the open phase, before an image was accepted for opening.

CVE-2021-34552

    Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.

For Debian 9 stretch, these problems have been fixed in version 4.0.0-4+deb9u3.

We recommend that you upgrade your pillow packages.

For the detailed security status of pillow please refer to its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/pillow

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at:
https://wiki.debian.org/LTS

An important patch for Pillow addresses multiple security flaws in Debian, enhancing the safety of your image handling.

Debian Security Update, Pillow Package Update, Python Imaging Security.

Severity: Critical.

LinuxSecurity.com Team

Jul 22, 2021 Critical Debian LTS

Ubuntu: 4430-1 Critical Update for Pillow Denial of Service Risk

=========================================================================
Ubuntu Security Notice USN-4430-1
July 22, 2020

pillow vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Pillow could be made to crash if it opened a specially crafted file.

Software Description:

- pillow: Python Imaging Library

Details:

It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted image file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS:
    python-pil 5.1.0-1ubuntu0.3
    python3-pil 5.1.0-1ubuntu0.3

Ubuntu 16.04 LTS:
    python-pil 3.1.2-0ubuntu1.4
    python3-pil 3.1.2-0ubuntu1.4

In general, a standard system update will make all the necessary changes.

References:
    https://ubuntu.com/security/notices/USN-4430-1
    CVE-2020-10177, CVE-2020-10378, CVE-2020-10994, CVE-2020-11538

Package Information:
    https://launchpad.net/ubuntu/+source/pillow/5.1.0-1ubuntu0.3
    https://launchpad.net/ubuntu/+source/pillow/3.1.2-0ubuntu1.4

Specific file manipulations can exploit Pillow weaknesses, potentially resulting in system failures on Ubuntu versions 18.04 and 16.04 LTS.

Pillow Crash Ubuntu Update Denial Of Service.

Severity: Critical.

LinuxSecurity.com Team

Jul 22, 2020 Critical Ubuntu

Debian 8 DSA-3710-1 Critical: Pillow Arbitrary Code Execution

-------------------------------------------------------------------------
Debian Security Advisory DSA-3710-1
https://www.debian.org/security/
Moritz Muehlenhoff
November 10, 2016
https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : pillow
CVE ID : CVE-2016-9189 CVE-2016-9190

Cris Neckar discovered multiple vulnerabilities in Pillow, a Python imaging library, which may result in the execution of arbitrary code or information disclosure if a malformed image file is processed.

For the stable distribution (jessie), these problems have been fixed in version 2.6.1-2+deb8u3.

For the testing distribution (stretch), these problems have been fixed in version 3.4.2-1.

For the unstable distribution (sid), these problems have been fixed in version 3.4.2-1.

We recommend that you upgrade your pillow packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at:
https://www.debian.org/security/

Updates for Debian's Pillow package rectify security flaws that could permit the execution of unauthorized code or increase the risks of sensitive information being disclosed.

Pillow Update, Debian Security, Python Imaging Risks.

Severity: Critical.

LinuxSecurity.com Team

Nov 10, 2016 Critical Debian

Debian: DSA-3009-1 Critical: Python Imaging DoS Due To Input Flaw

-------------------------------------------------------------------------
Debian Security Advisory DSA-3009-1
http://www.debian.org/security/
Moritz Muehlenhoff
August 21, 2014
http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : python-imaging
CVE ID : CVE-2014-3589

Andrew Drake discovered that missing input sanitising in the icns decoder of the Python Imaging Library could result in denial of service if a malformed image is processed.

For the stable distribution (wheezy), this problem has been fixed in version 1.1.7-4+deb7u1.

For the unstable distribution (sid), this problem has been fixed in version 2.5.3-1 of the pillow source package.

We recommend that you upgrade your python-imaging packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at:
https://www.debian.org/security/

Attention Debian users: A new patch for python-imaging has been released to address a vulnerability linked to poor input validation, which could allow Denial of Service via malicious images.

Python Imaging, Debian Security, DoS Threat, Input Sanitization.

Severity: Critical.

LinuxSecurity.com Team

Aug 21, 2014 Critical Debian

Ubuntu 13.10: USN-2168-1 Moderate: Python Imaging Library Overwrite Threat

=========================================================================
Ubuntu Security Notice USN-2168-1
April 15, 2014

python-imaging vulnerabilities
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.10
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS

Summary:

Python Imaging Library could be made to overwrite or expose files.

Software Description:

- python-imaging: Python Imaging Library

Details:

Jakub Wilk discovered that the Python Imaging Library incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files, or gain access to temporary file contents. (CVE-2014-1932, CVE-2014-1933)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 13.10:
    python-imaging 1.1.7+2.0.0-1ubuntu1.1

Ubuntu 12.10:
    python-imaging 1.1.7-4ubuntu0.12.10.1

Ubuntu 12.04 LTS:
    python-imaging 1.1.7-4ubuntu0.12.04.1

Ubuntu 10.04 LTS:
    python-imaging 1.1.7-1ubuntu0.2

In general, a standard system update will make all the necessary changes.

References:
    https://ubuntu.com/security/notices/USN-2168-1
    CVE-2014-1932, CVE-2014-1933

Package Information:
    https://launchpad.net/ubuntu/+source/python-imaging/1.1.7+2.0.0-1ubuntu1.1
    https://launchpad.net/ubuntu/+source/python-imaging/1.1.7-4ubuntu0.12.10.1
    https://launchpad.net/ubuntu/+source/python-imaging/1.1.7-4ubuntu0.12.04.1
    https://launchpad.net/ubuntu/+source/python-imaging/1.1.7-1ubuntu0.2

Ubuntu Security Notice USN-2168-1 outlines vulnerabilities in python-imaging that could lead to unauthorized file modifications and potential data exposure risks.

Python Imaging Library, Overwrite Files, Temporary File Access.

LinuxSecurity.com Team

Apr 15, 2014 Ubuntu