Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -3 articles for you...
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorycode executionarbitrary code execution

Red Hat Enterprise Linux 8 RHSA-2023:0016-01 webkit2gtk3 Important Code Exec

An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: webkit2gtk3 security update Advisory ID: RHSA-2023:0016-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:0016 Issue date: 2023-01-04 CVE Names: CVE-2022-42856 ==================================================================== 1. Summary: An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fix(es): * webkitgtk: processing maliciously crafted web content may lead to an arbitrary code execution (CVE-2022-42856) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2153683 - CVE-2022-42856 webkitgtk: processing maliciously crafted web content may lead to an arbitrary code execution 6. PackageList: Red Hat Enterprise Linux AppStream (v.8): Source: webkit2gtk3-2.36.7-1.el8_7.1.src.rpm aarch64: webkit2gtk3-2.36.7-1.el8_7.1.aarch64.rpm webkit2gtk3-debuginfo-2.36.7-1.el8_7.1.aarch64.rpm webkit2gtk3-debugsource-2.36.7-1.el8_7.1.aarch64.rpm webkit2gtk3-devel-2.36.7-1.el8_7.1.aarch64.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8_7.1.aarch64.rpm webkit2gtk3-jsc-2.36.7-1.el8_7.1.aarch64.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8_7.1.aarch64.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8_7.1.aarch64.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8_7.1.aarch64.rpm ppc64le: webkit2gtk3-2.36.7-1.el8_7.1.ppc64le.rpm webkit2gtk3-debuginfo-2.36.7-1.el8_7.1.ppc64le.rpm webkit2gtk3-debugsource-2.36.7-1.el8_7.1.ppc64le.rpm webkit2gtk3-devel-2.36.7-1.el8_7.1.ppc64le.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8_7.1.ppc64le.rpm webkit2gtk3-jsc-2.36.7-1.el8_7.1.ppc64le.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8_7.1.ppc64le.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8_7.1.ppc64le.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8_7.1.ppc64le.rpm s390x: webkit2gtk3-2.36.7-1.el8_7.1.s390x.rpm webkit2gtk3-debuginfo-2.36.7-1.el8_7.1.s390x.rpm webkit2gtk3-debugsource-2.36.7-1.el8_7.1.s390x.rpm webkit2gtk3-devel-2.36.7-1.el8_7.1.s390x.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8_7.1.s390x.rpm webkit2gtk3-jsc-2.36.7-1.el8_7.1.s390x.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8_7.1.s390x.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8_7.1.s390x.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8_7.1.s390x.rpm x86_64: webkit2gtk3-2.36.7-1.el8_7.1.i686.rpm webkit2gtk3-2.36.7-1.el8_7.1.x86_64.rpm webkit2gtk3-debuginfo-2.36.7-1.el8_7.1.i686.rpm webkit2gtk3-debuginfo-2.36.7-1.el8_7.1.x86_64.rpm webkit2gtk3-debugsource-2.36.7-1.el8_7.1.i686.rpm webkit2gtk3-debugsource-2.36.7-1.el8_7.1.x86_64.rpm webkit2gtk3-devel-2.36.7-1.el8_7.1.i686.rpm webkit2gtk3-devel-2.36.7-1.el8_7.1.x86_64.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8_7.1.i686.rpm webkit2gtk3-devel-debuginfo-2.36.7-1.el8_7.1.x86_64.rpm webkit2gtk3-jsc-2.36.7-1.el8_7.1.i686.rpm webkit2gtk3-jsc-2.36.7-1.el8_7.1.x86_64.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8_7.1.i686.rpm webkit2gtk3-jsc-debuginfo-2.36.7-1.el8_7.1.x86_64.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8_7.1.i686.rpm webkit2gtk3-jsc-devel-2.36.7-1.el8_7.1.x86_64.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8_7.1.i686.rpm webkit2gtk3-jsc-devel-debuginfo-2.36.7-1.el8_7.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2022-42856 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY7VWL9zjgjWX9erEAQg3Gw//e0sGMYczRnNrkhBxX5J4lP7xUO+/+Pnk +ncXuaQpC5qToXl3w/YspsBZ8YCmNTso0WqIZjovsAbAQGgtAHh9tyrtheWkLiEf 4dS4wocfSQOFjcmrNLVc+hECWUz9RfVuyt758uRzz/pLgKXgrIlVVnMhLk5qCYWD gkwYhOHBnWE1iRHVMgdFjwcsk7/V1Pcv3jGjGwy4anK+YbcWpEvHTOyT4E5gO5oj Fl6RU3M+cKDOcg5Uxmn5d1/MvWBvQOCu8RvJy5GPdfhZjoiWJKn43pS94Yz8RaMR MMa2txkibrcDalMzcFzGdWMcjnCrp30imqzrEdUbs0qeSXUgSjSUN2EEcSSOjnge MhkEbZTFHdGakJxWSLXLHP3YC7eJMrawDTzfUotVoQpw6uBNFZQeCrhP25gsTff3 OSj/m3bCHSOlGZ7gVAFdLuHIomZHU6di66EFeSVIh56ukriNUkDfG3/3v8VYpSY6 7F0PdLbbw5kW0VfOwuMrznRpzC1Vl2+r7hKBw+WqnYDr8xcI8CgObz+D64JXO3WX kFP9NqFYB9M4+5fB9SGcZ+0DUIPpf5w6qB4Wb+3k3IdYLXutUH61/2dCFnTxevKv EkVv+aTEcGDnyTgWV8FOTWXGhUBoCYgUbAHYxIbTX3TtIaMesZennJPRvQa63QAc nJngrnwCTog=+XpK -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Critical vulnerability identified within webkit2gtk3 on CentOS, leading to an elevated risk of unapproved code execution.. Webkit2gtk3 Update, Red Hat Security, Linux Advisory, Code Execution Risk. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jan 04, 2023 Important Red Hat
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryRed Hatmoderate severity

Red Hat Advisory RHSA-2022:5245-01 Addresses Moderate Curl Vulnerabilities

An update for curl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: curl security update Advisory ID: RHSA-2022:5245-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:5245 Issue date: 2022-06-28 CVE Names: CVE-2022-22576 CVE-2022-27774 CVE-2022-27776 CVE-2022-27782 ==================================================================== 1. Summary: An update for curl is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 9) - aarch64, ppc64le, s390x, x86_64 3. Description: The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * curl: OAUTH2 bearer bypass in connection re-use (CVE-2022-22576) * curl: credential leak on redirect (CVE-2022-27774) * curl: auth/cookie leak on redirect (CVE-2022-27776) * curl: TLS and SSH connection too eager reuse (CVE-2022-27782) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: Fordetails on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2077541 - CVE-2022-22576 curl: OAUTH2 bearer bypass in connection re-use 2077547 - CVE-2022-27774 curl: credential leak on redirect 2078408 - CVE-2022-27776 curl: auth/cookie leak on redirect 2082215 - CVE-2022-27782 curl: TLS and SSH connection too eager reuse 6. Package List: Red Hat Enterprise Linux AppStream (v. 9): aarch64: curl-debuginfo-7.76.1-14.el9_0.4.aarch64.rpm curl-debugsource-7.76.1-14.el9_0.4.aarch64.rpm curl-minimal-debuginfo-7.76.1-14.el9_0.4.aarch64.rpm libcurl-debuginfo-7.76.1-14.el9_0.4.aarch64.rpm libcurl-devel-7.76.1-14.el9_0.4.aarch64.rpm libcurl-minimal-debuginfo-7.76.1-14.el9_0.4.aarch64.rpm ppc64le: curl-debuginfo-7.76.1-14.el9_0.4.ppc64le.rpm curl-debugsource-7.76.1-14.el9_0.4.ppc64le.rpm curl-minimal-debuginfo-7.76.1-14.el9_0.4.ppc64le.rpm libcurl-debuginfo-7.76.1-14.el9_0.4.ppc64le.rpm libcurl-devel-7.76.1-14.el9_0.4.ppc64le.rpm libcurl-minimal-debuginfo-7.76.1-14.el9_0.4.ppc64le.rpm s390x: curl-debuginfo-7.76.1-14.el9_0.4.s390x.rpm curl-debugsource-7.76.1-14.el9_0.4.s390x.rpm curl-minimal-debuginfo-7.76.1-14.el9_0.4.s390x.rpm libcurl-debuginfo-7.76.1-14.el9_0.4.s390x.rpm libcurl-devel-7.76.1-14.el9_0.4.s390x.rpm libcurl-minimal-debuginfo-7.76.1-14.el9_0.4.s390x.rpm x86_64: curl-debuginfo-7.76.1-14.el9_0.4.i686.rpm curl-debuginfo-7.76.1-14.el9_0.4.x86_64.rpm curl-debugsource-7.76.1-14.el9_0.4.i686.rpm curl-debugsource-7.76.1-14.el9_0.4.x86_64.rpm curl-minimal-debuginfo-7.76.1-14.el9_0.4.i686.rpm curl-minimal-debuginfo-7.76.1-14.el9_0.4.x86_64.rpm libcurl-debuginfo-7.76.1-14.el9_0.4.i686.rpm libcurl-debuginfo-7.76.1-14.el9_0.4.x86_64.rpm libcurl-devel-7.76.1-14.el9_0.4.i686.rpm libcurl-devel-7.76.1-14.el9_0.4.x86_64.rpm libcurl-minimal-debuginfo-7.76.1-14.el9_0.4.i686.rpm libcurl-minimal-debuginfo-7.76.1-14.el9_0.4.x86_64.rpm Red Hat Enterprise Linux BaseOS (v.9): Source: curl-7.76.1-14.el9_0.4.src.rpm aarch64: curl-7.76.1-14.el9_0.4.aarch64.rpm curl-debuginfo-7.76.1-14.el9_0.4.aarch64.rpm curl-debugsource-7.76.1-14.el9_0.4.aarch64.rpm curl-minimal-7.76.1-14.el9_0.4.aarch64.rpm curl-minimal-debuginfo-7.76.1-14.el9_0.4.aarch64.rpm libcurl-7.76.1-14.el9_0.4.aarch64.rpm libcurl-debuginfo-7.76.1-14.el9_0.4.aarch64.rpm libcurl-minimal-7.76.1-14.el9_0.4.aarch64.rpm libcurl-minimal-debuginfo-7.76.1-14.el9_0.4.aarch64.rpm ppc64le: curl-7.76.1-14.el9_0.4.ppc64le.rpm curl-debuginfo-7.76.1-14.el9_0.4.ppc64le.rpm curl-debugsource-7.76.1-14.el9_0.4.ppc64le.rpm curl-minimal-7.76.1-14.el9_0.4.ppc64le.rpm curl-minimal-debuginfo-7.76.1-14.el9_0.4.ppc64le.rpm libcurl-7.76.1-14.el9_0.4.ppc64le.rpm libcurl-debuginfo-7.76.1-14.el9_0.4.ppc64le.rpm libcurl-minimal-7.76.1-14.el9_0.4.ppc64le.rpm libcurl-minimal-debuginfo-7.76.1-14.el9_0.4.ppc64le.rpm s390x: curl-7.76.1-14.el9_0.4.s390x.rpm curl-debuginfo-7.76.1-14.el9_0.4.s390x.rpm curl-debugsource-7.76.1-14.el9_0.4.s390x.rpm curl-minimal-7.76.1-14.el9_0.4.s390x.rpm curl-minimal-debuginfo-7.76.1-14.el9_0.4.s390x.rpm libcurl-7.76.1-14.el9_0.4.s390x.rpm libcurl-debuginfo-7.76.1-14.el9_0.4.s390x.rpm libcurl-minimal-7.76.1-14.el9_0.4.s390x.rpm libcurl-minimal-debuginfo-7.76.1-14.el9_0.4.s390x.rpm x86_64: curl-7.76.1-14.el9_0.4.x86_64.rpm curl-debuginfo-7.76.1-14.el9_0.4.i686.rpm curl-debuginfo-7.76.1-14.el9_0.4.x86_64.rpm curl-debugsource-7.76.1-14.el9_0.4.i686.rpm curl-debugsource-7.76.1-14.el9_0.4.x86_64.rpm curl-minimal-7.76.1-14.el9_0.4.x86_64.rpm curl-minimal-debuginfo-7.76.1-14.el9_0.4.i686.rpm curl-minimal-debuginfo-7.76.1-14.el9_0.4.x86_64.rpm libcurl-7.76.1-14.el9_0.4.i686.rpm libcurl-7.76.1-14.el9_0.4.x86_64.rpm libcurl-debuginfo-7.76.1-14.el9_0.4.i686.rpm libcurl-debuginfo-7.76.1-14.el9_0.4.x86_64.rpm libcurl-minimal-7.76.1-14.el9_0.4.i686.rpm libcurl-minimal-7.76.1-14.el9_0.4.x86_64.rpm libcurl-minimal-debuginfo-7.76.1-14.el9_0.4.i686.rpm libcurl-minimal-debuginfo-7.76.1-14.el9_0.4.x86_64.rpm These packages are GPG signed by RedHat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2022-22576 https://access.redhat.com/security/cve/CVE-2022-27774 https://access.redhat.com/security/cve/CVE-2022-27776 https://access.redhat.com/security/cve/CVE-2022-27782 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYr6V1tzjgjWX9erEAQgY5A//Qy7jG3WkMsxLzIF2jSzG4llo3ULFmTC3 dK/5aRXCDJklLHAvL/kzQ2jMQA224VHcCTBBH8uZNUU+rodX6ouFAPcjVHG68SX9 L2yRNlSqryQxKR0uCHJ0ndeHYtkbfVD9dBltRkJmrNmXa4ql+YfAWqwbXLKYNCUV caM5UskdyQ5IHIkjkPfNsY/vaB6RP/fm8Qs1d4Lt/N0lvxj2mgMDk8EOFaEI79Gm Rvy044/igG6VbTJsowZQxF8dwslEVNzJ4fg1afYQATkfBL20BYxrMm7QtAWYPrxk QkHvwsxcGbYWRRXi4keffJtrPg1O+9EqI11OHo9NHmieoUGNMZLwgQWXJttuksak k3oXXywWUxCeRl5V43/Q+SSSShs1HWvR6e5g16axdzSOvlK7cI3iamgxLgjUOqnJ ThF+jH+T7CvtUecDz7H//XB9uQD9OCA0ZdyQ6RI5rMYW5gz1glSZ4H8AcINYwxhc jta7vBre8cU7aPdhTYE5N7sw8u+5GhSg63SVYjk8UUoQ1hqKx8Ao1LI7ubptRKZ7 ey05JiFRGnHYoCkF/HDFOmLgAuITFXcTRwuJ8Yr6mmDAxMhEDEpzwUJg1t/5mkMn LvDKI+m+Vo+9iCzahD3+SUtxYJb8Esy95cYeM9459vaxhQw9v9EDgY2sd8Yz4bwC WcynFEXdDQA=bldl -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . To address moderate security vulnerabilities in curl for Red Hat Enterprise Linux 9, follow these essential patching steps immediately for effective protection. curl Security Update, Red Hat Enterprise, Moderate Severity Patch. . LinuxSecurity.com Team

Calendar 2 Jul 01, 2022 Red Hat
Banner 2 1028x280 1708121730 1 1771599631
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorybuffer overflowRed Hat Enterprise Linux

Red Hat Enterprise Linux 7 RHSA-2021:0339-01 Critical: Buffer Overflow

An update for linux-firmware is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: linux-firmware security update Advisory ID: RHSA-2021:0339-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0339 Issue date: 2021-02-02 CVE Names: CVE-2020-12321 ==================================================================== 1. Summary: An update for linux-firmware is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch Red Hat Enterprise Linux ComputeNode (v. 7) - noarch Red Hat Enterprise Linux Server (v. 7) - noarch Red Hat Enterprise Linux Workstation (v. 7) - noarch 3. Description: The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Security Fix(es): * hardware: buffer overflow in bluetooth firmware (CVE-2020-12321) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1893914 - CVE-2020-12321 hardware: buffer overflow in bluetooth firmware 6. Package List: RedHat Enterprise Linux Client (v. 7): Source: linux-firmware-20200421-80.git78c0348.el7_9.src.rpm noarch: iwl100-firmware-39.31.5.1-80.el7_9.noarch.rpm iwl1000-firmware-39.31.5.1-80.el7_9.noarch.rpm iwl105-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl135-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl2000-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl2030-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl3160-firmware-25.30.13.0-80.el7_9.noarch.rpm iwl3945-firmware-15.32.2.9-80.el7_9.noarch.rpm iwl4965-firmware-228.61.2.24-80.el7_9.noarch.rpm iwl5000-firmware-8.83.5.1_1-80.el7_9.noarch.rpm iwl5150-firmware-8.24.2.2-80.el7_9.noarch.rpm iwl6000-firmware-9.221.4.1-80.el7_9.noarch.rpm iwl6000g2a-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl6000g2b-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl6050-firmware-41.28.5.1-80.el7_9.noarch.rpm iwl7260-firmware-25.30.13.0-80.el7_9.noarch.rpm linux-firmware-20200421-80.git78c0348.el7_9.noarch.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: linux-firmware-20200421-80.git78c0348.el7_9.src.rpm noarch: iwl100-firmware-39.31.5.1-80.el7_9.noarch.rpm iwl1000-firmware-39.31.5.1-80.el7_9.noarch.rpm iwl105-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl135-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl2000-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl2030-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl3160-firmware-25.30.13.0-80.el7_9.noarch.rpm iwl3945-firmware-15.32.2.9-80.el7_9.noarch.rpm iwl4965-firmware-228.61.2.24-80.el7_9.noarch.rpm iwl5000-firmware-8.83.5.1_1-80.el7_9.noarch.rpm iwl5150-firmware-8.24.2.2-80.el7_9.noarch.rpm iwl6000-firmware-9.221.4.1-80.el7_9.noarch.rpm iwl6000g2a-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl6000g2b-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl6050-firmware-41.28.5.1-80.el7_9.noarch.rpm iwl7260-firmware-25.30.13.0-80.el7_9.noarch.rpm linux-firmware-20200421-80.git78c0348.el7_9.noarch.rpm Red Hat Enterprise Linux Server (v.7): Source: linux-firmware-20200421-80.git78c0348.el7_9.src.rpm noarch: iwl100-firmware-39.31.5.1-80.el7_9.noarch.rpm iwl1000-firmware-39.31.5.1-80.el7_9.noarch.rpm iwl105-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl135-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl2000-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl2030-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl3160-firmware-25.30.13.0-80.el7_9.noarch.rpm iwl3945-firmware-15.32.2.9-80.el7_9.noarch.rpm iwl4965-firmware-228.61.2.24-80.el7_9.noarch.rpm iwl5000-firmware-8.83.5.1_1-80.el7_9.noarch.rpm iwl5150-firmware-8.24.2.2-80.el7_9.noarch.rpm iwl6000-firmware-9.221.4.1-80.el7_9.noarch.rpm iwl6000g2a-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl6000g2b-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl6050-firmware-41.28.5.1-80.el7_9.noarch.rpm iwl7260-firmware-25.30.13.0-80.el7_9.noarch.rpm linux-firmware-20200421-80.git78c0348.el7_9.noarch.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: linux-firmware-20200421-80.git78c0348.el7_9.src.rpm noarch: iwl100-firmware-39.31.5.1-80.el7_9.noarch.rpm iwl1000-firmware-39.31.5.1-80.el7_9.noarch.rpm iwl105-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl135-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl2000-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl2030-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl3160-firmware-25.30.13.0-80.el7_9.noarch.rpm iwl3945-firmware-15.32.2.9-80.el7_9.noarch.rpm iwl4965-firmware-228.61.2.24-80.el7_9.noarch.rpm iwl5000-firmware-8.83.5.1_1-80.el7_9.noarch.rpm iwl5150-firmware-8.24.2.2-80.el7_9.noarch.rpm iwl6000-firmware-9.221.4.1-80.el7_9.noarch.rpm iwl6000g2a-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl6000g2b-firmware-18.168.6.1-80.el7_9.noarch.rpm iwl6050-firmware-41.28.5.1-80.el7_9.noarch.rpm iwl7260-firmware-25.30.13.0-80.el7_9.noarch.rpm linux-firmware-20200421-80.git78c0348.el7_9.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7.References: https://access.redhat.com/security/cve/CVE-2020-12321 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYBlBK9zjgjWX9erEAQgrEg/+Pbyq3vyDcM2LbJTgl906V+39lAlTHnbu kUKGaA0uByyj106LjRZLhIfsMG3MN18vmSG2ioqGwgcEWIjFhu2QcjagOhbTHTzV WSBKQnqN2DrUfoXPVz6HtBNgHgDaxOUkWIqM4NW2CUkWnHXzKJfw62yROd0HWRLj A5CIup7oyFRnMmEdwJQYDJTA2du+dOC0/y0WTfQLdDIr/L1f+kd/M9yX32m/pluW 95aAd4VmNq7CLO2scbtT+miQn7WgszHM6oQXuI47HZnIxPcIIrqf3ukMO8dPrZ2m 4BzljZqbJzlKVwKTIAN2PVwsiHj+CeXXeGmWAggL1O3RtSOBP0U1GTRLXXRI7RMD MncO3jnnDeqJVdEFK3h+fkYlRMSnOt1wjxVqNiWKdxwVmwzTAjeEZFT5Wf0sj9xZ wThko3P40dNGoKuZHLArUbmxIwVNMgGOye6LFnnhgyB8/DhBO3XRKeusBZTlDRBa c/eLBDc0pCjmEwxVC6pEik8HKoqL/F/xl4DbGdSOnGg3rbvJuuzo0jO8G8pbFfZM IgUPHJKp6c4ajCwDSHL/l4DoWE7o+zz+XDp8YlEnU7dyJ8v8Bb3sgwXKV89eYkdK lSgKaGXvhflGmk6wzCfzP3igVEQN7oM8UeaKwJinkIY5FkEq6nMK4FfO8s5yL/dp jaMDIRau5Xc=G8Wk -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Improve your Red Hat Enterprise Linux setup with a crucial linux-firmware update that fixes a buffer overflow flaw.. Red Hat Enterprise Linux,lamex-firmware update,firmware security,critical update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Feb 02, 2021 Important Red Hat
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryred hatsecurity fix

Red Hat: RHSA-2019-0765-01 Important: Python Information Disclosure

An update for rh-python36-python is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: rh-python36-python security update Advisory ID: RHSA-2019:0765-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2019:0765 Issue date: 2019-04-16 CVE Names: CVE-2019-9636 ==================================================================== 1. Summary: An update for rh-python36-python is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6) - ppc64le, s390x, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces tomany system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: Information Disclosure due to urlsplit improper NFKC normalization (CVE-2019-9636) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1688543 - CVE-2019-9636 python: Information Disclosure due to urlsplit improper NFKC normalization 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6): Source: rh-python36-python-3.6.3-4.el6.src.rpm x86_64: rh-python36-python-3.6.3-4.el6.x86_64.rpm rh-python36-python-debug-3.6.3-4.el6.x86_64.rpm rh-python36-python-debuginfo-3.6.3-4.el6.x86_64.rpm rh-python36-python-devel-3.6.3-4.el6.x86_64.rpm rh-python36-python-libs-3.6.3-4.el6.x86_64.rpm rh-python36-python-test-3.6.3-4.el6.x86_64.rpm rh-python36-python-tkinter-3.6.3-4.el6.x86_64.rpm rh-python36-python-tools-3.6.3-4.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6): Source: rh-python36-python-3.6.3-4.el6.src.rpm x86_64: rh-python36-python-3.6.3-4.el6.x86_64.rpm rh-python36-python-debug-3.6.3-4.el6.x86_64.rpm rh-python36-python-debuginfo-3.6.3-4.el6.x86_64.rpm rh-python36-python-devel-3.6.3-4.el6.x86_64.rpm rh-python36-python-libs-3.6.3-4.el6.x86_64.rpm rh-python36-python-test-3.6.3-4.el6.x86_64.rpm rh-python36-python-tkinter-3.6.3-4.el6.x86_64.rpm rh-python36-python-tools-3.6.3-4.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v.7): Source: rh-python36-python-3.6.3-7.el7.src.rpm aarch64: rh-python36-python-3.6.3-7.el7.aarch64.rpm rh-python36-python-debug-3.6.3-7.el7.aarch64.rpm rh-python36-python-debuginfo-3.6.3-7.el7.aarch64.rpm rh-python36-python-devel-3.6.3-7.el7.aarch64.rpm rh-python36-python-libs-3.6.3-7.el7.aarch64.rpm rh-python36-python-test-3.6.3-7.el7.aarch64.rpm rh-python36-python-tkinter-3.6.3-7.el7.aarch64.rpm rh-python36-python-tools-3.6.3-7.el7.aarch64.rpm ppc64le: rh-python36-python-3.6.3-7.el7.ppc64le.rpm rh-python36-python-debug-3.6.3-7.el7.ppc64le.rpm rh-python36-python-debuginfo-3.6.3-7.el7.ppc64le.rpm rh-python36-python-devel-3.6.3-7.el7.ppc64le.rpm rh-python36-python-libs-3.6.3-7.el7.ppc64le.rpm rh-python36-python-test-3.6.3-7.el7.ppc64le.rpm rh-python36-python-tkinter-3.6.3-7.el7.ppc64le.rpm rh-python36-python-tools-3.6.3-7.el7.ppc64le.rpm s390x: rh-python36-python-3.6.3-7.el7.s390x.rpm rh-python36-python-debug-3.6.3-7.el7.s390x.rpm rh-python36-python-debuginfo-3.6.3-7.el7.s390x.rpm rh-python36-python-devel-3.6.3-7.el7.s390x.rpm rh-python36-python-libs-3.6.3-7.el7.s390x.rpm rh-python36-python-test-3.6.3-7.el7.s390x.rpm rh-python36-python-tkinter-3.6.3-7.el7.s390x.rpm rh-python36-python-tools-3.6.3-7.el7.s390x.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v.7): Source: rh-python36-python-3.6.3-7.el7.src.rpm aarch64: rh-python36-python-3.6.3-7.el7.aarch64.rpm rh-python36-python-debug-3.6.3-7.el7.aarch64.rpm rh-python36-python-debuginfo-3.6.3-7.el7.aarch64.rpm rh-python36-python-devel-3.6.3-7.el7.aarch64.rpm rh-python36-python-libs-3.6.3-7.el7.aarch64.rpm rh-python36-python-test-3.6.3-7.el7.aarch64.rpm rh-python36-python-tkinter-3.6.3-7.el7.aarch64.rpm rh-python36-python-tools-3.6.3-7.el7.aarch64.rpm ppc64le: rh-python36-python-3.6.3-7.el7.ppc64le.rpm rh-python36-python-debug-3.6.3-7.el7.ppc64le.rpm rh-python36-python-debuginfo-3.6.3-7.el7.ppc64le.rpm rh-python36-python-devel-3.6.3-7.el7.ppc64le.rpm rh-python36-python-libs-3.6.3-7.el7.ppc64le.rpm rh-python36-python-test-3.6.3-7.el7.ppc64le.rpm rh-python36-python-tkinter-3.6.3-7.el7.ppc64le.rpm rh-python36-python-tools-3.6.3-7.el7.ppc64le.rpm s390x: rh-python36-python-3.6.3-7.el7.s390x.rpm rh-python36-python-debug-3.6.3-7.el7.s390x.rpm rh-python36-python-debuginfo-3.6.3-7.el7.s390x.rpm rh-python36-python-devel-3.6.3-7.el7.s390x.rpm rh-python36-python-libs-3.6.3-7.el7.s390x.rpm rh-python36-python-test-3.6.3-7.el7.s390x.rpm rh-python36-python-tkinter-3.6.3-7.el7.s390x.rpm rh-python36-python-tools-3.6.3-7.el7.s390x.rpm x86_64: rh-python36-python-3.6.3-7.el7.x86_64.rpm rh-python36-python-debug-3.6.3-7.el7.x86_64.rpm rh-python36-python-debuginfo-3.6.3-7.el7.x86_64.rpm rh-python36-python-devel-3.6.3-7.el7.x86_64.rpm rh-python36-python-libs-3.6.3-7.el7.x86_64.rpm rh-python36-python-test-3.6.3-7.el7.x86_64.rpm rh-python36-python-tkinter-3.6.3-7.el7.x86_64.rpm rh-python36-python-tools-3.6.3-7.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.4): Source: rh-python36-python-3.6.3-7.el7.src.rpm ppc64le: rh-python36-python-3.6.3-7.el7.ppc64le.rpm rh-python36-python-debug-3.6.3-7.el7.ppc64le.rpm rh-python36-python-debuginfo-3.6.3-7.el7.ppc64le.rpm rh-python36-python-devel-3.6.3-7.el7.ppc64le.rpm rh-python36-python-libs-3.6.3-7.el7.ppc64le.rpm rh-python36-python-test-3.6.3-7.el7.ppc64le.rpm rh-python36-python-tkinter-3.6.3-7.el7.ppc64le.rpm rh-python36-python-tools-3.6.3-7.el7.ppc64le.rpm s390x: rh-python36-python-3.6.3-7.el7.s390x.rpm rh-python36-python-debug-3.6.3-7.el7.s390x.rpm rh-python36-python-debuginfo-3.6.3-7.el7.s390x.rpm rh-python36-python-devel-3.6.3-7.el7.s390x.rpm rh-python36-python-libs-3.6.3-7.el7.s390x.rpm rh-python36-python-test-3.6.3-7.el7.s390x.rpm rh-python36-python-tkinter-3.6.3-7.el7.s390x.rpm rh-python36-python-tools-3.6.3-7.el7.s390x.rpm x86_64: rh-python36-python-3.6.3-7.el7.x86_64.rpm rh-python36-python-debug-3.6.3-7.el7.x86_64.rpm rh-python36-python-debuginfo-3.6.3-7.el7.x86_64.rpm rh-python36-python-devel-3.6.3-7.el7.x86_64.rpm rh-python36-python-libs-3.6.3-7.el7.x86_64.rpm rh-python36-python-test-3.6.3-7.el7.x86_64.rpm rh-python36-python-tkinter-3.6.3-7.el7.x86_64.rpm rh-python36-python-tools-3.6.3-7.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.5): Source: rh-python36-python-3.6.3-7.el7.src.rpm ppc64le: rh-python36-python-3.6.3-7.el7.ppc64le.rpm rh-python36-python-debug-3.6.3-7.el7.ppc64le.rpm rh-python36-python-debuginfo-3.6.3-7.el7.ppc64le.rpm rh-python36-python-devel-3.6.3-7.el7.ppc64le.rpm rh-python36-python-libs-3.6.3-7.el7.ppc64le.rpm rh-python36-python-test-3.6.3-7.el7.ppc64le.rpm rh-python36-python-tkinter-3.6.3-7.el7.ppc64le.rpm rh-python36-python-tools-3.6.3-7.el7.ppc64le.rpm s390x: rh-python36-python-3.6.3-7.el7.s390x.rpm rh-python36-python-debug-3.6.3-7.el7.s390x.rpm rh-python36-python-debuginfo-3.6.3-7.el7.s390x.rpm rh-python36-python-devel-3.6.3-7.el7.s390x.rpm rh-python36-python-libs-3.6.3-7.el7.s390x.rpm rh-python36-python-test-3.6.3-7.el7.s390x.rpm rh-python36-python-tkinter-3.6.3-7.el7.s390x.rpm rh-python36-python-tools-3.6.3-7.el7.s390x.rpm x86_64: rh-python36-python-3.6.3-7.el7.x86_64.rpm rh-python36-python-debug-3.6.3-7.el7.x86_64.rpm rh-python36-python-debuginfo-3.6.3-7.el7.x86_64.rpm rh-python36-python-devel-3.6.3-7.el7.x86_64.rpm rh-python36-python-libs-3.6.3-7.el7.x86_64.rpm rh-python36-python-test-3.6.3-7.el7.x86_64.rpm rh-python36-python-tkinter-3.6.3-7.el7.x86_64.rpm rh-python36-python-tools-3.6.3-7.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v.7.6): Source: rh-python36-python-3.6.3-7.el7.src.rpm ppc64le: rh-python36-python-3.6.3-7.el7.ppc64le.rpm rh-python36-python-debug-3.6.3-7.el7.ppc64le.rpm rh-python36-python-debuginfo-3.6.3-7.el7.ppc64le.rpm rh-python36-python-devel-3.6.3-7.el7.ppc64le.rpm rh-python36-python-libs-3.6.3-7.el7.ppc64le.rpm rh-python36-python-test-3.6.3-7.el7.ppc64le.rpm rh-python36-python-tkinter-3.6.3-7.el7.ppc64le.rpm rh-python36-python-tools-3.6.3-7.el7.ppc64le.rpm s390x: rh-python36-python-3.6.3-7.el7.s390x.rpm rh-python36-python-debug-3.6.3-7.el7.s390x.rpm rh-python36-python-debuginfo-3.6.3-7.el7.s390x.rpm rh-python36-python-devel-3.6.3-7.el7.s390x.rpm rh-python36-python-libs-3.6.3-7.el7.s390x.rpm rh-python36-python-test-3.6.3-7.el7.s390x.rpm rh-python36-python-tkinter-3.6.3-7.el7.s390x.rpm rh-python36-python-tools-3.6.3-7.el7.s390x.rpm x86_64: rh-python36-python-3.6.3-7.el7.x86_64.rpm rh-python36-python-debug-3.6.3-7.el7.x86_64.rpm rh-python36-python-debuginfo-3.6.3-7.el7.x86_64.rpm rh-python36-python-devel-3.6.3-7.el7.x86_64.rpm rh-python36-python-libs-3.6.3-7.el7.x86_64.rpm rh-python36-python-test-3.6.3-7.el7.x86_64.rpm rh-python36-python-tkinter-3.6.3-7.el7.x86_64.rpm rh-python36-python-tools-3.6.3-7.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-python36-python-3.6.3-7.el7.src.rpm x86_64: rh-python36-python-3.6.3-7.el7.x86_64.rpm rh-python36-python-debug-3.6.3-7.el7.x86_64.rpm rh-python36-python-debuginfo-3.6.3-7.el7.x86_64.rpm rh-python36-python-devel-3.6.3-7.el7.x86_64.rpm rh-python36-python-libs-3.6.3-7.el7.x86_64.rpm rh-python36-python-test-3.6.3-7.el7.x86_64.rpm rh-python36-python-tkinter-3.6.3-7.el7.x86_64.rpm rh-python36-python-tools-3.6.3-7.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7.References: https://access.redhat.com/security/cve/CVE-2019-9636 https://access.redhat.com/security/updates/classification#important https://bugs.python.org/issue36216 https://python-security.readthedocs.io/vuln/urlsplit-nfkc-normalization.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXLXhjdzjgjWX9erEAQjfMxAAlOz6bxCdJtiVATNmP9eb08GCfDclQb5a 1UNMAiTSG4n7irqRY7zkv0046KqtZ6skDbBb/G16cQo3snaKEg/UG/A2oCPq+lf6 8u1RwwhZNXy4pWVeZjd8kP9PDpTcc4UZE2KKSqUwu4p4UCx6qoEIeb2Z9geWTeaU m+eK0fXwZ6EuPLGJ2U+n45bliKV468xwOyfR07umjB05WQ+2uh7j/YvbLNLyFGNw 5NORO7G0QGMFBDyQzuKMTyINm8L5vUjKx34vJ+nnwTN7HJlD1UJVHS/jgjmj76mo WMM2H3j0VBJw3O6Y1jfZ9IAUU9QoNpEgmQAKSbHiL1suce76hIi359JKCbwfQuZg DPyJMTt7WFefCc2OyQehcHUWv4rYZNJjqjmqYCpI3YxpYrJtXQoyu8KLp1wOV5fu WozUjURQAE23synlnH9XFSj+RSAu0KWWuvHGPvIGAlfno/Roy/89Oi9HbaDKysHf rg7+vI8HZu0aXuxV/VdyOov/sZL5CrQr5nl00ECQGoPpM7AqtNGX0cT5Sn/e/DVn OKJueYAraS4mSmgS0YILp6jz1HTa9NzFLJJLgq0NeAWjRLbvTqqCkCGWibhJo69p za46I6aCGtK18BFZkeYeGIYlofLU/pUMF7BD90ChlWbkr6Lsu5DjzQdMbvYWVRv+ POGyImh1znY=c4p3 -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Debian introduces critical patch for python3.8 addressing potential information exposure flaws.. Python Security Update, Red Hat Software, Information Disclosure, Important Fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 16, 2019 Important Red Hat
Banner 2 1028x280 1708121730 1 1771599631
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryred hatsecurity fix

Red Hat: RHSA-2016:1945-01 Important: bind97 DoS Attack Mitigation

An update for bind97 is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Important: bind97 security update Advisory ID: RHSA-2016:1945-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2016:1945.html Issue date: 2016-09-28 CVE Names: CVE-2016-2776 ==================================================================== 1. Summary: An update for bind97 is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop Workstation (v. 5 client) - i386, x86_64 3. Description: The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fix(es): * A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet. (CVE-2016-2776) Red Hat would like to thank ISC for reporting this issue. 4. Solution: For details on how to apply this update,which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the update, the BIND daemon (named) will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1378380 - CVE-2016-2776 bind: assertion failure in buffer.c while building responses to a specifically constructed request 6. Package List: Red Hat Enterprise Linux Desktop Workstation (v. 5 client): Source: bind97-9.7.0-21.P2.el5_11.7.src.rpm i386: bind97-9.7.0-21.P2.el5_11.7.i386.rpm bind97-chroot-9.7.0-21.P2.el5_11.7.i386.rpm bind97-debuginfo-9.7.0-21.P2.el5_11.7.i386.rpm bind97-devel-9.7.0-21.P2.el5_11.7.i386.rpm bind97-libs-9.7.0-21.P2.el5_11.7.i386.rpm bind97-utils-9.7.0-21.P2.el5_11.7.i386.rpm x86_64: bind97-9.7.0-21.P2.el5_11.7.x86_64.rpm bind97-chroot-9.7.0-21.P2.el5_11.7.x86_64.rpm bind97-debuginfo-9.7.0-21.P2.el5_11.7.i386.rpm bind97-debuginfo-9.7.0-21.P2.el5_11.7.x86_64.rpm bind97-devel-9.7.0-21.P2.el5_11.7.i386.rpm bind97-devel-9.7.0-21.P2.el5_11.7.x86_64.rpm bind97-libs-9.7.0-21.P2.el5_11.7.i386.rpm bind97-libs-9.7.0-21.P2.el5_11.7.x86_64.rpm bind97-utils-9.7.0-21.P2.el5_11.7.x86_64.rpm Red Hat Enterprise Linux (v. 5server): Source: bind97-9.7.0-21.P2.el5_11.7.src.rpm i386: bind97-9.7.0-21.P2.el5_11.7.i386.rpm bind97-chroot-9.7.0-21.P2.el5_11.7.i386.rpm bind97-debuginfo-9.7.0-21.P2.el5_11.7.i386.rpm bind97-devel-9.7.0-21.P2.el5_11.7.i386.rpm bind97-libs-9.7.0-21.P2.el5_11.7.i386.rpm bind97-utils-9.7.0-21.P2.el5_11.7.i386.rpm ia64: bind97-9.7.0-21.P2.el5_11.7.ia64.rpm bind97-chroot-9.7.0-21.P2.el5_11.7.ia64.rpm bind97-debuginfo-9.7.0-21.P2.el5_11.7.ia64.rpm bind97-devel-9.7.0-21.P2.el5_11.7.ia64.rpm bind97-libs-9.7.0-21.P2.el5_11.7.ia64.rpm bind97-utils-9.7.0-21.P2.el5_11.7.ia64.rpm ppc: bind97-9.7.0-21.P2.el5_11.7.ppc.rpm bind97-chroot-9.7.0-21.P2.el5_11.7.ppc.rpm bind97-debuginfo-9.7.0-21.P2.el5_11.7.ppc.rpm bind97-debuginfo-9.7.0-21.P2.el5_11.7.ppc64.rpm bind97-devel-9.7.0-21.P2.el5_11.7.ppc.rpm bind97-devel-9.7.0-21.P2.el5_11.7.ppc64.rpm bind97-libs-9.7.0-21.P2.el5_11.7.ppc.rpm bind97-libs-9.7.0-21.P2.el5_11.7.ppc64.rpm bind97-utils-9.7.0-21.P2.el5_11.7.ppc.rpm s390x: bind97-9.7.0-21.P2.el5_11.7.s390x.rpm bind97-chroot-9.7.0-21.P2.el5_11.7.s390x.rpm bind97-debuginfo-9.7.0-21.P2.el5_11.7.s390.rpm bind97-debuginfo-9.7.0-21.P2.el5_11.7.s390x.rpm bind97-devel-9.7.0-21.P2.el5_11.7.s390.rpm bind97-devel-9.7.0-21.P2.el5_11.7.s390x.rpm bind97-libs-9.7.0-21.P2.el5_11.7.s390.rpm bind97-libs-9.7.0-21.P2.el5_11.7.s390x.rpm bind97-utils-9.7.0-21.P2.el5_11.7.s390x.rpm x86_64: bind97-9.7.0-21.P2.el5_11.7.x86_64.rpm bind97-chroot-9.7.0-21.P2.el5_11.7.x86_64.rpm bind97-debuginfo-9.7.0-21.P2.el5_11.7.i386.rpm bind97-debuginfo-9.7.0-21.P2.el5_11.7.x86_64.rpm bind97-devel-9.7.0-21.P2.el5_11.7.i386.rpm bind97-devel-9.7.0-21.P2.el5_11.7.x86_64.rpm bind97-libs-9.7.0-21.P2.el5_11.7.i386.rpm bind97-libs-9.7.0-21.P2.el5_11.7.x86_64.rpm bind97-utils-9.7.0-21.P2.el5_11.7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7.References: https://access.redhat.com/security/cve/CVE-2016-2776 https://access.redhat.com/security/updates/classification/#important https://kb.isc.org/docs/aa-01419 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD4DBQFX68WcXlSAg2UNWIIRAu7BAJiFBSdLVJ0nFFPGg+jM9HRgVolhAJ0UPHAW c/EkOoJyrtAoLrcLQD9cmA==mfCk -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Crucial bind97 patch for Red Hat Enterprise Linux 5 addresses denial of service vulnerability and strengthens overall security.. bind97 Security Update, DoS Fix, Red Hat Advisory. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Sep 28, 2016 Important Red Hat
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorymoderatesecurity issue

Red Hat Enterprise Linux 5 RHSA-2014:1959-01 Moderate Kernel Fix

Updated kernel packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security [More...]. ==================================================================== Red Hat Security Advisory Synopsis: Moderate: kernel security and bug fix update Advisory ID: RHSA-2014:1959-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2014:1959.html Issue date: 2014-12-04 CVE Names: CVE-2014-0181 ==================================================================== 1. Summary: Updated kernel packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. * It was found that the permission checks performed by the Linux kernel when a netlink message was received were not sufficient. A local, unprivileged user could potentially bypass these restrictions by passing a netlink socket as stdout or stderr to a more privileged process and altering the output of this process. (CVE-2014-0181, Moderate) Red Hat would like to thank Andy Lutomirski for reporting this issue. This update also fixes the following bugs: * Previously, the kernel did not successfully deliver multicast packets when the multicast querier was disabled. Consequently, the corosync utility terminated unexpectedly and the affected storage node did not join its intended cluster. With this update,multicast packets are delivered properly when the multicast querier is disabled, and corosync handles the node as expected. (BZ#902454) * Previously, the kernel wrote the metadata contained in all system information blocks on a single page of the /proc/sysinfo file. However, when the machine configuration was very extensive and the data did not fit on a single page, the system overwrote random memory regions, which in turn caused data corruption when reading the /proc/sysconf file. With this update, /proc/sysinfo automatically allocates a larger buffer if the data output does not fit the current buffer, which prevents the data corruption. (BZ#1131283) * Prior to this update, the it_real_fn() function did not, in certain cases, successfully acquire the SIGLOCK signal when the do_setitimer() function used the ITIMER_REAL timer. As a consequence, the current process entered an endless loop and became unresponsive. This update fixes the bug and it_real_fn() no longer causes the kernel to become unresponsive. (BZ#1134654) All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system. 5. Bugs fixed (https://bugzilla.redhat.com/): 1094265 - CVE-2014-0181 kernel: net: insufficient permision checks of netlink messages 6. Package List: Red Hat Enterprise Linux Desktop (v. 5client): Source: kernel-2.6.18-400.el5.src.rpm i386: kernel-2.6.18-400.el5.i686.rpm kernel-PAE-2.6.18-400.el5.i686.rpm kernel-PAE-debuginfo-2.6.18-400.el5.i686.rpm kernel-PAE-devel-2.6.18-400.el5.i686.rpm kernel-debug-2.6.18-400.el5.i686.rpm kernel-debug-debuginfo-2.6.18-400.el5.i686.rpm kernel-debug-devel-2.6.18-400.el5.i686.rpm kernel-debuginfo-2.6.18-400.el5.i686.rpm kernel-debuginfo-common-2.6.18-400.el5.i686.rpm kernel-devel-2.6.18-400.el5.i686.rpm kernel-headers-2.6.18-400.el5.i386.rpm kernel-xen-2.6.18-400.el5.i686.rpm kernel-xen-debuginfo-2.6.18-400.el5.i686.rpm kernel-xen-devel-2.6.18-400.el5.i686.rpm noarch: kernel-doc-2.6.18-400.el5.noarch.rpm x86_64: kernel-2.6.18-400.el5.x86_64.rpm kernel-debug-2.6.18-400.el5.x86_64.rpm kernel-debug-debuginfo-2.6.18-400.el5.x86_64.rpm kernel-debug-devel-2.6.18-400.el5.x86_64.rpm kernel-debuginfo-2.6.18-400.el5.x86_64.rpm kernel-debuginfo-common-2.6.18-400.el5.x86_64.rpm kernel-devel-2.6.18-400.el5.x86_64.rpm kernel-headers-2.6.18-400.el5.x86_64.rpm kernel-xen-2.6.18-400.el5.x86_64.rpm kernel-xen-debuginfo-2.6.18-400.el5.x86_64.rpm kernel-xen-devel-2.6.18-400.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5server): Source: kernel-2.6.18-400.el5.src.rpm i386: kernel-2.6.18-400.el5.i686.rpm kernel-PAE-2.6.18-400.el5.i686.rpm kernel-PAE-debuginfo-2.6.18-400.el5.i686.rpm kernel-PAE-devel-2.6.18-400.el5.i686.rpm kernel-debug-2.6.18-400.el5.i686.rpm kernel-debug-debuginfo-2.6.18-400.el5.i686.rpm kernel-debug-devel-2.6.18-400.el5.i686.rpm kernel-debuginfo-2.6.18-400.el5.i686.rpm kernel-debuginfo-common-2.6.18-400.el5.i686.rpm kernel-devel-2.6.18-400.el5.i686.rpm kernel-headers-2.6.18-400.el5.i386.rpm kernel-xen-2.6.18-400.el5.i686.rpm kernel-xen-debuginfo-2.6.18-400.el5.i686.rpm kernel-xen-devel-2.6.18-400.el5.i686.rpm ia64: kernel-2.6.18-400.el5.ia64.rpm kernel-debug-2.6.18-400.el5.ia64.rpm kernel-debug-debuginfo-2.6.18-400.el5.ia64.rpm kernel-debug-devel-2.6.18-400.el5.ia64.rpm kernel-debuginfo-2.6.18-400.el5.ia64.rpm kernel-debuginfo-common-2.6.18-400.el5.ia64.rpm kernel-devel-2.6.18-400.el5.ia64.rpm kernel-headers-2.6.18-400.el5.ia64.rpm kernel-xen-2.6.18-400.el5.ia64.rpm kernel-xen-debuginfo-2.6.18-400.el5.ia64.rpm kernel-xen-devel-2.6.18-400.el5.ia64.rpm noarch: kernel-doc-2.6.18-400.el5.noarch.rpm ppc: kernel-2.6.18-400.el5.ppc64.rpm kernel-debug-2.6.18-400.el5.ppc64.rpm kernel-debug-debuginfo-2.6.18-400.el5.ppc64.rpm kernel-debug-devel-2.6.18-400.el5.ppc64.rpm kernel-debuginfo-2.6.18-400.el5.ppc64.rpm kernel-debuginfo-common-2.6.18-400.el5.ppc64.rpm kernel-devel-2.6.18-400.el5.ppc64.rpm kernel-headers-2.6.18-400.el5.ppc.rpm kernel-headers-2.6.18-400.el5.ppc64.rpm kernel-kdump-2.6.18-400.el5.ppc64.rpm kernel-kdump-debuginfo-2.6.18-400.el5.ppc64.rpm kernel-kdump-devel-2.6.18-400.el5.ppc64.rpm s390x: kernel-2.6.18-400.el5.s390x.rpm kernel-debug-2.6.18-400.el5.s390x.rpm kernel-debug-debuginfo-2.6.18-400.el5.s390x.rpm kernel-debug-devel-2.6.18-400.el5.s390x.rpm kernel-debuginfo-2.6.18-400.el5.s390x.rpm kernel-debuginfo-common-2.6.18-400.el5.s390x.rpm kernel-devel-2.6.18-400.el5.s390x.rpm kernel-headers-2.6.18-400.el5.s390x.rpm kernel-kdump-2.6.18-400.el5.s390x.rpm kernel-kdump-debuginfo-2.6.18-400.el5.s390x.rpm kernel-kdump-devel-2.6.18-400.el5.s390x.rpm x86_64: kernel-2.6.18-400.el5.x86_64.rpm kernel-debug-2.6.18-400.el5.x86_64.rpm kernel-debug-debuginfo-2.6.18-400.el5.x86_64.rpm kernel-debug-devel-2.6.18-400.el5.x86_64.rpm kernel-debuginfo-2.6.18-400.el5.x86_64.rpm kernel-debuginfo-common-2.6.18-400.el5.x86_64.rpm kernel-devel-2.6.18-400.el5.x86_64.rpm kernel-headers-2.6.18-400.el5.x86_64.rpm kernel-xen-2.6.18-400.el5.x86_64.rpm kernel-xen-debuginfo-2.6.18-400.el5.x86_64.rpm kernel-xen-devel-2.6.18-400.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2014-0181 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2014 Red Hat, Inc. . ==================================================================== Red Hat Security Advisory Synop. updated, kernel, packages, security, three. . LinuxSecurity.com Team

Calendar 2 Dec 04, 2014 Red Hat
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here