Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -5 articles for you...
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorymoderatesecurity update

openSUSE Leap 15.3: SUSE-SU-2025:0554-1 moderate: python3 domain parsing

An update that solves one vulnerability can now be installed.. # Security update for python3 Announcement ID: SUSE-SU-2025:0554-1 Release Date: 2025-02-14T15:11:05Z Rating: moderate References: * bsc#1236705 Cross-References: * CVE-2025-0938 CVSS scores: * CVE-2025-0938 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N * CVE-2025-0938 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N * CVE-2025-0938 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * Basesystem Module 15-SP6 * Development Tools Module 15-SP6 * openSUSE Leap 15.3 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for python3 fixes the following issues: * CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. (bsc#1236705) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-554=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-554=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-554=1 * SUSE Linux Enterprise Micro 5.3 zypper in-t patch SUSE-SLE-Micro-5.3-2025-554=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-554=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-554=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-554=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-554=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-554=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-554=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-554=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * python3-dbm-3.6.15-150300.10.81.1 * python3-devel-debuginfo-3.6.15-150300.10.81.1 * python3-testsuite-debuginfo-3.6.15-150300.10.81.1 * python3-tk-3.6.15-150300.10.81.1 * python3-dbm-debuginfo-3.6.15-150300.10.81.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1 * python3-debuginfo-3.6.15-150300.10.81.1 * python3-curses-debuginfo-3.6.15-150300.10.81.1 * python3-debugsource-3.6.15-150300.10.81.1 * libpython3_6m1_0-3.6.15-150300.10.81.1 * python3-testsuite-3.6.15-150300.10.81.1 * python3-tools-3.6.15-150300.10.81.1 * python3-doc-3.6.15-150300.10.81.1 * python3-base-3.6.15-150300.10.81.1 * python3-doc-devhelp-3.6.15-150300.10.81.1 * python3-idle-3.6.15-150300.10.81.1 * python3-devel-3.6.15-150300.10.81.1 * python3-curses-3.6.15-150300.10.81.1 * python3-core-debugsource-3.6.15-150300.10.81.1 * python3-tk-debuginfo-3.6.15-150300.10.81.1 * python3-3.6.15-150300.10.81.1 * python3-base-debuginfo-3.6.15-150300.10.81.1 * openSUSE Leap 15.3 (x86_64) * libpython3_6m1_0-32bit-3.6.15-150300.10.81.1 * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.81.1 * openSUSE Leap 15.3 (aarch64_ilp32) *libpython3_6m1_0-64bit-debuginfo-3.6.15-150300.10.81.1 * libpython3_6m1_0-64bit-3.6.15-150300.10.81.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python3-dbm-3.6.15-150300.10.81.1 * python3-devel-debuginfo-3.6.15-150300.10.81.1 * python3-testsuite-debuginfo-3.6.15-150300.10.81.1 * python3-tk-3.6.15-150300.10.81.1 * python3-dbm-debuginfo-3.6.15-150300.10.81.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1 * python3-debuginfo-3.6.15-150300.10.81.1 * python3-curses-debuginfo-3.6.15-150300.10.81.1 * libpython3_6m1_0-3.6.15-150300.10.81.1 * python3-debugsource-3.6.15-150300.10.81.1 * python3-testsuite-3.6.15-150300.10.81.1 * python3-tools-3.6.15-150300.10.81.1 * python3-doc-3.6.15-150300.10.81.1 * python3-base-3.6.15-150300.10.81.1 * python3-doc-devhelp-3.6.15-150300.10.81.1 * python3-idle-3.6.15-150300.10.81.1 * python3-devel-3.6.15-150300.10.81.1 * python3-curses-3.6.15-150300.10.81.1 * python3-core-debugsource-3.6.15-150300.10.81.1 * python3-tk-debuginfo-3.6.15-150300.10.81.1 * python3-3.6.15-150300.10.81.1 * python3-base-debuginfo-3.6.15-150300.10.81.1 * openSUSE Leap 15.6 (x86_64) * libpython3_6m1_0-32bit-3.6.15-150300.10.81.1 * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.81.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.81.1 * python3-debugsource-3.6.15-150300.10.81.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1 * python3-debuginfo-3.6.15-150300.10.81.1 * python3-base-3.6.15-150300.10.81.1 * python3-core-debugsource-3.6.15-150300.10.81.1 * python3-3.6.15-150300.10.81.1 * python3-base-debuginfo-3.6.15-150300.10.81.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.81.1 * python3-debugsource-3.6.15-150300.10.81.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1 * python3-debuginfo-3.6.15-150300.10.81.1 *python3-base-3.6.15-150300.10.81.1 * python3-core-debugsource-3.6.15-150300.10.81.1 * python3-3.6.15-150300.10.81.1 * python3-base-debuginfo-3.6.15-150300.10.81.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.81.1 * python3-debugsource-3.6.15-150300.10.81.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1 * python3-debuginfo-3.6.15-150300.10.81.1 * python3-base-3.6.15-150300.10.81.1 * python3-core-debugsource-3.6.15-150300.10.81.1 * python3-3.6.15-150300.10.81.1 * python3-base-debuginfo-3.6.15-150300.10.81.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.81.1 * python3-debugsource-3.6.15-150300.10.81.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1 * python3-debuginfo-3.6.15-150300.10.81.1 * python3-base-3.6.15-150300.10.81.1 * python3-core-debugsource-3.6.15-150300.10.81.1 * python3-3.6.15-150300.10.81.1 * python3-base-debuginfo-3.6.15-150300.10.81.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.81.1 * python3-debugsource-3.6.15-150300.10.81.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1 * python3-debuginfo-3.6.15-150300.10.81.1 * python3-base-3.6.15-150300.10.81.1 * python3-core-debugsource-3.6.15-150300.10.81.1 * python3-3.6.15-150300.10.81.1 * python3-base-debuginfo-3.6.15-150300.10.81.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.81.1 * python3-dbm-3.6.15-150300.10.81.1 * python3-debugsource-3.6.15-150300.10.81.1 * python3-devel-3.6.15-150300.10.81.1 * python3-devel-debuginfo-3.6.15-150300.10.81.1 * python3-idle-3.6.15-150300.10.81.1 * python3-tk-3.6.15-150300.10.81.1 * python3-dbm-debuginfo-3.6.15-150300.10.81.1 * python3-curses-3.6.15-150300.10.81.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1 *python3-debuginfo-3.6.15-150300.10.81.1 * python3-base-3.6.15-150300.10.81.1 * python3-core-debugsource-3.6.15-150300.10.81.1 * python3-curses-debuginfo-3.6.15-150300.10.81.1 * python3-tk-debuginfo-3.6.15-150300.10.81.1 * python3-3.6.15-150300.10.81.1 * python3-base-debuginfo-3.6.15-150300.10.81.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python3-core-debugsource-3.6.15-150300.10.81.1 * python3-tools-3.6.15-150300.10.81.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.81.1 * python3-debugsource-3.6.15-150300.10.81.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1 * python3-debuginfo-3.6.15-150300.10.81.1 * python3-base-3.6.15-150300.10.81.1 * python3-core-debugsource-3.6.15-150300.10.81.1 * python3-3.6.15-150300.10.81.1 * python3-base-debuginfo-3.6.15-150300.10.81.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libpython3_6m1_0-3.6.15-150300.10.81.1 * python3-debugsource-3.6.15-150300.10.81.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.81.1 * python3-debuginfo-3.6.15-150300.10.81.1 * python3-base-3.6.15-150300.10.81.1 * python3-core-debugsource-3.6.15-150300.10.81.1 * python3-3.6.15-150300.10.81.1 * python3-base-debuginfo-3.6.15-150300.10.81.1 ## References: * https://www.suse.com/security/cve/CVE-2025-0938.html * https://bugzilla.suse.com/show_bug.cgi?id=1236705 . A critical security patch has been deployed resolving a vulnerability in python3. For comprehensive information about the remediation, refer to the detailed report.. python3, security advisory, openSUSE update, software patch, Linux update. . LinuxSecurity.com Team

Calendar 2 Feb 14, 2025 OpenSUSE
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorysoftware updatemoderate severity

SUSE: 2024:0329-1 Moderate: Python Email Parsing Security Issue

* bsc#1210638 Cross-References: * CVE-2023-27043 . # Security update for python Announcement ID: SUSE-SU-2024:0329-1 Rating: moderate References: * bsc#1210638 Cross-References: * CVE-2023-27043 CVSS scores: * CVE-2023-27043 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2023-27043 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python fixes the following issues: * CVE-2023-27043: Fixed incorrectly parses e-mail addresses which contain a special character (bsc#1210638). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-329=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-329=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python-debuginfo-2.7.18-150000.60.1 * python-idle-2.7.18-150000.60.1 * python-base-2.7.18-150000.60.1 * libpython2_7-1_0-debuginfo-2.7.18-150000.60.1 * python-devel-2.7.18-150000.60.1 * python-tk-2.7.18-150000.60.1 * python-tk-debuginfo-2.7.18-150000.60.1 * libpython2_7-1_0-2.7.18-150000.60.1 * python-2.7.18-150000.60.1 * python-debugsource-2.7.18-150000.60.1 * python-xml-debuginfo-2.7.18-150000.60.1 * python-base-debugsource-2.7.18-150000.60.1 * python-gdbm-2.7.18-150000.60.1 *python-base-debuginfo-2.7.18-150000.60.1 * python-demo-2.7.18-150000.60.1 * python-xml-2.7.18-150000.60.1 * python-curses-2.7.18-150000.60.1 * python-gdbm-debuginfo-2.7.18-150000.60.1 * python-curses-debuginfo-2.7.18-150000.60.1 * openSUSE Leap 15.5 (x86_64) * python-base-32bit-2.7.18-150000.60.1 * libpython2_7-1_0-32bit-debuginfo-2.7.18-150000.60.1 * libpython2_7-1_0-32bit-2.7.18-150000.60.1 * python-base-32bit-debuginfo-2.7.18-150000.60.1 * python-32bit-2.7.18-150000.60.1 * python-32bit-debuginfo-2.7.18-150000.60.1 * openSUSE Leap 15.5 (noarch) * python-doc-2.7.18-150000.60.1 * python-doc-pdf-2.7.18-150000.60.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * python-debuginfo-2.7.18-150000.60.1 * python-base-2.7.18-150000.60.1 * libpython2_7-1_0-debuginfo-2.7.18-150000.60.1 * python-devel-2.7.18-150000.60.1 * libpython2_7-1_0-2.7.18-150000.60.1 * python-2.7.18-150000.60.1 * python-debugsource-2.7.18-150000.60.1 * python-xml-debuginfo-2.7.18-150000.60.1 * python-base-debugsource-2.7.18-150000.60.1 * python-gdbm-2.7.18-150000.60.1 * python-base-debuginfo-2.7.18-150000.60.1 * python-xml-2.7.18-150000.60.1 * python-curses-2.7.18-150000.60.1 * python-gdbm-debuginfo-2.7.18-150000.60.1 * python-curses-debuginfo-2.7.18-150000.60.1 ## References: * https://www.suse.com/security/cve/CVE-2023-27043.html * https://bugzilla.suse.com/show_bug.cgi?id=1210638 . SUSE has released a security patch for Python that rectifies a problem with email parsing, classified as moderate in severity.. SUSE Linux Enterprise, Python Issue, Email Parsing, Security Update, Installation Guide. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Feb 05, 2024 Important SuSE
Banner 1 1028x280 1708121660 1771599717
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisorydenial of servicegentoo

Gentoo: GLSA-201811-02 Normal: Python Buffer Overflow DoS Threat

A buffer overflow in Python might allow remote attackers to cause a Denial of Service condition.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201811-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Python: Buffer overflow Date: November 09, 2018 Bugs: #647862 ID: 201811-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= A buffer overflow in Python might allow remote attackers to cause a Denial of Service condition. Background ========= Python is an interpreted, interactive, object-oriented programming language. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-lang/python < 2.7.15 > = 2.7.15 Description ========== A buffer overflow vulnerability have been discovered in Python. Please review the CVE identifiers referenced below for details. Impact ===== A remote attacker, in special situations such as function as a service, could violate a trust boundary and cause a Denial of Service condition. Workaround ========= There is no known workaround at this time. Resolution ========= All Python users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =dev-lang/python-2.7.15" References ========= [ 1 ] CVE-2018-1000030 https://nvd.nist.gov/vuln/detail/CVE-2018-1000030 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201811-02 Concerns? ======== Security is a primary focus of GentooLinux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2018 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . A serious buffer overflow vulnerability in Python on Gentoo systems could allow remote attackers to cause a Denial of Service. Users should upgrade immediately!. Gentoo Security Advisory, Python Overflow, Denial of Service. . LinuxSecurity.com Team

Calendar 2 Nov 09, 2018 Gentoo
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorydebianlocal risk

Debian 3.0: DSA 159-2 Critical: Python Insecure Temporary Files Fix

The bugfix we distributed in DSA 159-1 unfortunately caused Python tosometimes behave improperly when a non-executable file existed earlierin the path and an executable file of the same name existed later inthe path.. -------------------------------------------------------------------------- Debian Security Advisory DSA 159-2 This email address is being protected from spambots. You need JavaScript enabled to view it. Debian -- Security Information Martin Schulze September 9th, 2002 Debian -- Debian security FAQ -------------------------------------------------------------------------- Package : python Vulnerability : insecure temporary files Problem-Type : local Debian-specific: no BugTraq ID : 5581 [The mail just sent was formatted like an attachment due to a misconception on my side. This mail is only the clearsign version. ] The bugfix we distributed in DSA 159-1 unfortunately caused Python to sometimes behave improperly when a non-executable file existed earlier in the path and an executable file of the same name existed later in the path. Zack Weinberg fixed this in the Python source. For reference, here's the original advisory text: Zack Weinberg discovered an insecure use of a temporary file in os._execvpe from os.py. It uses a predictable name which could lead execution of arbitrary code. This problem has been fixed in several versions of Python: For the current stable distribution (woody) it has been fixed in version 1.5.2-23.2 of Python 1.5, in version 2.1.3-3.2 of Python 2.1 and in version 2.2.1-4.2 of Python 2.2. For the old stable distribution (potato) this has been fixed in version 1.5.2-10potato13 for Python 1.5. For the unstable distribution (sid) this has been fixed in version 1.5.2-25 of Python 1.5, in version 2.1.3-9 of Python 2.1 and in version 2.2.1-11 of Python 2.2. Python 2.3 is not affected by the original problem. We recommend that you upgrade your Python packages. wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If youare using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 2.2 alias potato -------------------------------- Source archives: Size/MD5 checksum: 814 15658c9064507f46d3074af59f7ad218 Size/MD5 checksum: 85640 bd7d68152dfc35ea8d6b6e30a143a696 Size/MD5 checksum: 2533053 e9d677ae6d5a3efc6937627ed8a3e752 Alpha architecture: Size/MD5 checksum: 928808 add635f90434d2021887c36707a2f10c ARM architecture: Size/MD5 checksum: 849298 f9cd68bfaa75b08e0462055c103c53fd Intel IA-32 architecture: Size/MD5 checksum: 825292 3fd77f5f0f90ee904908c3af612b9268 Motorola 680x0 architecture: Size/MD5 checksum: 837688 680297f46cc3ef0214206ece9fd24167 PowerPC architecture: Size/MD5 checksum: 872488 3b4d05433f2ad9e5b0182ade9edc24e5 Sun Sparc architecture: Size/MD5 checksum: 854848 f6760252303686618726f6af12287eb6 Debian GNU/Linux 3.0 alias woody -------------------------------- Source archives: Size/MD5 checksum: 916 aa7b63a8384f37ce644d9bbc2c594a93 Size/MD5 checksum: 147675 77e1702b4eaf9fde2316dface2bfb118 Size/MD5 checksum: 2533570 d9ade0d7613466e0353561d277ff02fe Size/MD5 checksum: 1283 9cf0222820b3730f885833949ee2752c Size/MD5 checksum: 70289 23bd09269b47d0c55815d738870f9f26 Size/MD5 checksum: 6194246 1ae739aa5824de263923df3516eeaf80 Size/MD5 checksum: 1150 a4f837cbefd09fa2fb27b799811aacb1 Size/MD5 checksum: 91722 d3ede617d5b8ddb4dd81e7735640000a Size/MD5 checksum: 6536167 88aa07574673ccfaf35904253c78fc7d Alpha architecture: Size/MD5 checksum: 993478 b9b7799ff765a425926b2c56de13443c Size/MD5 checksum: 1804304 663466bd39741650c3dd9a49ca89d59a Size/MD5checksum: 2139238 6b967a140b2a51d442cfb84891300414 ARM architecture: Size/MD5 checksum: 893374 f0c4f0f1c13146b226c9192aaa59e62b Size/MD5 checksum: 1646606 4ad1516f1afae6f106c0c40a37d6fcdf Size/MD5 checksum: 1952210 6c191ffb5b2d77c52c2cadbd20d1298c Intel IA-32 architecture: Size/MD5 checksum: 865938 d3cf0730cc2529807ce59e68395e6396 Size/MD5 checksum: 1592166 059df3cfa844b25d292fdf9c1808c8d4 Size/MD5 checksum: 1888508 179880aa560f0b9ecf45cca8c57eb451 Intel IA-64 architecture: Size/MD5 checksum: 1123834 0fe1e81eaeb6e51d73c4c86531c5c5f0 Size/MD5 checksum: 2080790 88d771d8ea3f9289ea5b552ea9a01a99 Size/MD5 checksum: 2489548 5d6abd03f4716986bd0ce4599a261297 HP Precision architecture: Size/MD5 checksum: 983286 c4b39bb69d263d95832c2eb9cd34d11d Size/MD5 checksum: 1832650 bda1279f0bdb2056c30afe9913415bbf Size/MD5 checksum: 2356192 64fbb9fd51ea7f53e80ff32e11e89b80 Motorola 680x0 architecture: Size/MD5 checksum: 880196 a61ba2de8d3056c252de513cf7b5d8ea Size/MD5 checksum: 1608796 da4e546766c589378e6117778ff9056a Size/MD5 checksum: 1894026 0ba9078d8e655ac3e2cb06b3c4761103 Big endian MIPS architecture: Size/MD5 checksum: 893284 f02223e7008b0395edad33a78ae030ac Size/MD5 checksum: 1661254 2bf07b8f8aa5383873128029cb1a1d12 Size/MD5 checksum: 1952322 142f9fe7a1d68b076a44f70d003ba677 Little endian MIPS architecture: Size/MD5 checksum: 890812 ab02be8c8dac1dadafa0ad85a1e2d627 Size/MD5 checksum: 1657988 f05738ac39f731c38ae19b7223603e08 Size/MD5 checksum: 1947426 ccce0e16862734b23adc9bd4550c31fe PowerPC architecture: Size/MD5 checksum: 913446 9a540b7ded9fbae1402f5afe14f359fc Size/MD5 checksum: 1681254 314a5cf6599d88bce41c331ebe945059 Size/MD5 checksum: 1998856 11416c5e75b762bd33085d8966b9a126 IBM S/390 architecture: Size/MD5 checksum: 897150 7ffb4636cf3aa63060b107b2b21c2e31 Size/MD5checksum: 1647976 e3ae48fcfc0e8960a3f78ba3b30e0a6c Size/MD5 checksum: 1929358 05fe107035d278bbc4ba84f0503449d1 Sun Sparc architecture: Size/MD5 checksum: 963064 6e271de84f9631e9994ae94b5f37e8a3 Size/MD5 checksum: 1730934 b0b2279b6b86fe9dc9372934accc6f86 Size/MD5 checksum: 2036598 4c96e6318184cf954299e5c7f7a8ba4b Please note that all python source packages produce more binary packages than the ones listed above. They are not relevant for the fixed problems, though. These files will probably be moved into the stable distribution on its next revision. --------------------------------------------------------------------------------- For apt-get: deb Debian -- Security Information stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. Package info: `apt-cache show ' and https://www.debian.org/distrib/packages . Notice on a vulnerability in Python affecting the handling of temporary files on Debian-related systems. Urgent software upgrades are advised for protection.. Debian Security, Python Update, Insecure Files, Bug Fixes, Local Security Issue. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 09, 2002 Critical Debian
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here