
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


SUSE: 2023:3717-1 Moderate Proxy TFTP Update for CVE-2023-45803

SUSE Container Update Advisory: suse/manager/4.3/proxy-tftpd

Container Advisory ID : SUSE-CU-2023:3717-1
Container Tags : suse/manager/4.3/proxy-tftpd:4.3.9 , suse/manager/4.3/proxy-tftpd:4.3.9.9.30.5 , suse/manager/4.3/proxy-tftpd:latest , suse/manager/4.3/proxy-tftpd:susemanager-4.3.9 , suse/manager/4.3/proxy-tftpd:susemanager-4.3.9.9.30.5
Container Release : 9.30.5
Severity : moderate
Type : security
References : 1216377 CVE-2023-45803

The container suse/manager/4.3/proxy-tftpd was updated. The following patches have been included in this update:

Advisory ID: SUSE-SU-2023:4467-1
Released: Thu Nov 16 17:57:51 2023
Summary: Security update for python-urllib3
Type: security
Severity: moderate
References: 1216377,CVE-2023-45803

This update for python-urllib3 fixes the following issues:

- CVE-2023-45803: Fix a request body leak that could occur when receiving a 303 HTTP response (bsc#1216377).

The following package changes have been done:

- python3-urllib3-1.25.10-150300.4.9.1 updated

SUSE Container Update Notice for suse/manager/4.3/proxy-tftpd addressing CVE-2023-45803 with integrated patches.

LinuxSecurity.com Team

Nov 17, 2023 SuSE

Debian 10 Buster DLA-3649-1 Critical: python-urllib3 Information Leak

Debian LTS Advisory DLA-3649-1
https://www.debian.org/lts/security/ Sean Whitton
November 08, 2023 https://wiki.debian.org/LTS

Package : python-urllib3
Version : 1.24.1-1+deb10u2
CVE ID : CVE-2023-43803
Debian Bug : 1054226

It was discovered that python-urllib3, a user-friendly HTTP client library for Python, did not remove the HTTP request body when an HTTP redirect response using status 301, 302, or 303 after the request had its method changed from one that could accept a request body, like POST, to GET, as required by the HTTP RFCs. This could lead to information disclosure.

For Debian 10 buster, these problems have been fixed in version 1.24.1-1+deb10u2.

We recommend that you upgrade your python-urllib3 packages.

For the detailed security status of python-urllib3 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/python-urllib3

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Uncover the vulnerability in python-urllib3 that might lead to potential data exposures and the essential patches available in Debian LTS.

Severity: Critical

LinuxSecurity.com Team

Nov 08, 2023 Critical Debian LTS

Red Hat Automation Platform 1.2.5 RHSA-2021-3473-01 Moderate: Backtracking

Red Hat Security Advisory

Synopsis: Moderate: Red Hat Automation Platform 1.2.5 security and bugfixes update
Advisory ID: RHSA-2021:3473-01
Product: Red Hat Ansible Automation Platform
Advisory URL: https://access.redhat.com/errata/RHSA-2021:3473
Issue date: 2021-09-08
CVE Names: CVE-2021-33503

1. Summary:

An update is now available for Red Hat Automation Platform 1.2.5.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Automation Hub 4.2 for RHEL 7 - noarch, x86_64
Red Hat Automation Hub 4.2 for RHEL 8 - noarch, x86_64

3. Description:

Red Hat Ansible Automation Platform integrates Red Hat’s automation suite consisting of Red Hat Ansible Tower, Red Hat Ansible Engine, and use-case specific capabilities for Microsoft Windows, network, security, and more, along with Software-as-a-Service (SaaS)-based capabilities and features for organization-wide effectiveness.

Security Fix(es):

* python-urllib3: Catastrophic backtracking in URL authority parser (CVE-2021-33503)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

This update fixes various bugs and adds enhancements. Documentation for these changes is available from the Release Notes document linked to in the References section.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to: https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1968074 - CVE-2021-33503 python-urllib3: ReDoS in the parsing of authority part of URL

6. Package List:

Red Hat Automation Hub 4.2 for RHEL 7:

Source:
automation-hub-4.2.6-1.el7pc.src.rpm
python-galaxy-ng-4.2.6-1.el7pc.src.rpm
python-requests-2.25.1-1.el7pc.src.rpm
python-urllib3-1.26.5-1.el7pc.src.rpm
python3-click-7.1.2-3.el7pc.src.rpm

noarch:
automation-hub-4.2.6-1.el7pc.noarch.rpm
python3-chardet-3.0.4-3.el7pc.noarch.rpm
python3-click-7.1.2-3.el7pc.noarch.rpm
python3-galaxy-ng-4.2.6-1.el7pc.noarch.rpm
python3-gnupg-0.4.6-3.el7pc.noarch.rpm
python3-jinja2-2.11.2-3.el7pc.noarch.rpm
python3-requests-2.25.1-1.el7pc.noarch.rpm
python3-semantic-version-2.8.5-3.el7pc.noarch.rpm
python3-urllib3-1.26.5-1.el7pc.noarch.rpm

x86_64:
python3-markupsafe-1.1.1-4.el7pc.x86_64.rpm
python3-markupsafe-debuginfo-1.1.1-4.el7pc.x86_64.rpm

Red Hat Automation Hub 4.2 for RHEL 8:

Source:
automation-hub-4.2.6-1.el8pc.src.rpm
python-galaxy-ng-4.2.6-1.el8pc.src.rpm
python-requests-2.25.1-1.el8pc.src.rpm
python-urllib3-1.26.5-1.el8pc.src.rpm

noarch:
automation-hub-4.2.6-1.el8pc.noarch.rpm
python3-click-7.1.2-3.el8pc.noarch.rpm
python3-galaxy-ng-4.2.6-1.el8pc.noarch.rpm
python3-gnupg-0.4.6-3.el8pc.noarch.rpm
python3-jinja2-2.11.2-3.el8pc.noarch.rpm
python3-requests-2.25.1-1.el8pc.noarch.rpm
python3-semantic-version-2.8.5-3.el8pc.noarch.rpm
python3-urllib3-1.26.5-1.el8pc.noarch.rpm

x86_64:
python3-markupsafe-1.1.1-4.el8pc.x86_64.rpm
python3-markupsafe-debuginfo-1.1.1-4.el8pc.x86_64.rpm
python3-markupsafe-debugsource-1.1.1-4.el8pc.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-33503
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_ansible_automation_platform/1.2/html/red_hat_ansible_automation_platform_release_notes/index

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.

Ubuntu Server 20.04.3 presents a critical vulnerability patch addressing a session fixation flaw in python-requests.

LinuxSecurity.com Team

Sep 08, 2021 Red Hat

SUSE: 2020:3624-1 Moderate: Crowbar, Grafana, InfluxDB Updates

SUSE Security Update: Security update for crowbar-openstack, grafana, influxdb, python-urllib3

Announcement ID: SUSE-SU-2020:3624-1
Rating: moderate
References: #1005886 #1170479 #1177120 #1178243 #1178988 SOC-11240
Cross-References: CVE-2016-8611 CVE-2019-20933 CVE-2019-9740 CVE-2020-24303 CVE-2020-26137
Affected Products: SUSE OpenStack Cloud 7

An update that fixes 5 vulnerabilities, contains one feature is now available.

Description:

This update for crowbar-openstack, grafana, influxdb, python-urllib3 contains the following fixes:

Security fixes included in this update:

openstack-glance
- CVE-2016-8611: Added rate limiting for glance api (bnc#1005886)

grafana
- CVE-2020-24303: Fixed an XSS via a query alias for the ElasticSearch datasource (#bnc#1178243)

influxdb
- CVE-2019-20933: Fixed an authentication bypass (bnc#1178988)

python-urllib3
- CVE-2019-9740: Fixed a CRLF injection in urllib3 (bnc#1129071).
- CVE-2020-26137: Fixed a CRLF injection via HTTP request method (bnc#1177120)

memcached
- CVE-2018-1000115: Fixed an issue where a UDP server allowed spoofed traffic amplification DoS (bnc#1083903).

Non-security fixes included in this update:

Changes in crowbar-openstack:
- Update to version 4.0+git.1604938545.30c10db18:
  * rabbitmq: Fix crm running check (SOC-11240)

Changes in grafana:
- Fix bnc#1178243 CVE-2020-24303 by adding 25401-Fix-XSS-vulnerability-with-series-overrides.patch

Changes in influxdb:
- Add CVE-2019-20933.patch (bnc#1178988, CVE-2019-20933) to fix authentication bypass
- Declare license files correctly
- Version 1.2.4:
  * The stress tool influx_stress will be removed in a subsequent release.
  * Remove the override of GOMAXPROCS.
  * Uncomment section headers from the default configuration file.
  * Improve write performance significantly.
  * Prune data in meta store for deleted shards.
  * Update latest dependencies with Godeps.
  * Introduce syntax for marking a partial response with chunking.
  * Use X-Forwarded-For IP address in HTTP logger if present.
  * Add support for secure transmission via collectd.
  * Switch logging to use structured logging everywhere.
  * [CLI feature request] USE retention policy for queries.
  * Add clear command to cli.
  * Adding ability to use parameters in queries in the v2 client using the Parameters map in the Query struct.
  * Allow add items to array config via ENV
  * Support subquery execution in the query language.
  * Verbose output for SSL connection errors.
  * Cache snapshotting performance improvements
- Partially revert previous change to fix build for Leap

Changes in python-urllib3:
- Update urllib3-fix-test-urls.patch. Adjust to match upstream solution.
- Add urllib3-fix-test-urls.patch. Fix tests failing on python checks for CVE-2019-9740.
- Add urllib3-cve-2020-26137.patch. Don't allow control chars in request method. (bnc#1177120, CVE-2020-26137)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2020-3624=1

Package List:

- SUSE OpenStack Cloud 7 (x86_64):
  grafana-6.7.4-1.20.1
  influxdb-1.2.4-5.1
  influxdb-debuginfo-1.2.4-5.1

- SUSE OpenStack Cloud 7 (noarch):
  crowbar-openstack-4.0+git.1604938545.30c10db18-9.77.1
  python-urllib3-1.16-3.12.1

References:

https://www.suse.com/security/cve/CVE-2016-8611.html
https://www.suse.com/security/cve/CVE-2019-20933.html
https://www.suse.com/security/cve/CVE-2019-9740.html
https://www.suse.com/security/cve/CVE-2020-24303.html
https://www.suse.com/security/cve/CVE-2020-26137.html
https://bugzilla.suse.com/1005886
https://bugzilla.suse.com/1170479
https://bugzilla.suse.com/1177120
https://bugzilla.suse.com/1178243
https://bugzilla.suse.com/1178988

SUSE has released a security update addressing 5 vulnerabilities in crowbar-openstack, grafana, influxdb, and python-urllib3, while also introducing enhancements.

LinuxSecurity.com Team

Dec 04, 2020 SuSE