Alerts This Week
Warning Icon 1 525
Alerts This Week
Warning Icon 1 525

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Calendar White Jun 02, 2026
Important
Oracle Large Esm H800
Oracle

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Calendar White Jun 02, 2026
moderate
Oracle Large Esm H900
Oracle

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Calendar White Jun 03, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Calendar White Jun 03, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryimportantinformation disclosure

Red Hat: RHSA-2009:1087-01 Important: mod_jk Information Disclosure

Updated mod_jk packages that fix one security issue are now available for Red Hat Application Server v2. This update has been rated as having important security impact by the Red Hat Security Response Team.. ==================================================================== Red Hat Security Advisory Synopsis: Important: mod_jk security update Advisory ID: RHSA-2009:1087-01 Product: Red Hat Application Server Advisory URL: https://access.redhat.com/errata/RHSA-2009:1087.html Issue date: 2009-06-09 CVE Names: CVE-2008-5519 ==================================================================== 1. Summary: Updated mod_jk packages that fix one security issue are now available for Red Hat Application Server v2. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Application Server v2 4AS - i386, ia64, ppc, x86_64 Red Hat Application Server v2 4ES - i386, ia64, x86_64 Red Hat Application Server v2 4WS - i386, ia64, x86_64 3. Description: mod_jk is an Apache Tomcat connector that allows Apache Tomcat and the Apache HTTP Server to communicate with each other. An information disclosure flaw was found in mod_jk. In certain situations, if a faulty client set the "Content-Length" header without providing data, or if a user sent repeated requests very quickly, one user may view a response intended for another user. (CVE-2008-5519) All mod_jk users are advised to upgrade to these updated packages. They provide mod_jk 1.2.28, which is not vulnerable to this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at 5. Bugs fixed (http://bugzilla.redhat.com/): 490201 - CVE-2008-5519 mod_jk: session information leak 6. Package List: Red Hat ApplicationServer v2 4AS: Source: i386: mod_jk-ap20-1.2.28-1jpp_3rh.i386.rpm mod_jk-debuginfo-1.2.28-1jpp_3rh.i386.rpm mod_jk-manual-1.2.28-1jpp_3rh.i386.rpm ia64: mod_jk-ap20-1.2.28-1jpp_3rh.ia64.rpm mod_jk-debuginfo-1.2.28-1jpp_3rh.ia64.rpm mod_jk-manual-1.2.28-1jpp_3rh.ia64.rpm ppc: mod_jk-ap20-1.2.28-1jpp_3rh.ppc.rpm mod_jk-debuginfo-1.2.28-1jpp_3rh.ppc.rpm mod_jk-manual-1.2.28-1jpp_3rh.ppc.rpm x86_64: mod_jk-ap20-1.2.28-1jpp_3rh.x86_64.rpm mod_jk-debuginfo-1.2.28-1jpp_3rh.x86_64.rpm mod_jk-manual-1.2.28-1jpp_3rh.x86_64.rpm Red Hat Application Server v2 4ES: Source: i386: mod_jk-ap20-1.2.28-1jpp_3rh.i386.rpm mod_jk-debuginfo-1.2.28-1jpp_3rh.i386.rpm mod_jk-manual-1.2.28-1jpp_3rh.i386.rpm ia64: mod_jk-ap20-1.2.28-1jpp_3rh.ia64.rpm mod_jk-debuginfo-1.2.28-1jpp_3rh.ia64.rpm mod_jk-manual-1.2.28-1jpp_3rh.ia64.rpm x86_64: mod_jk-ap20-1.2.28-1jpp_3rh.x86_64.rpm mod_jk-debuginfo-1.2.28-1jpp_3rh.x86_64.rpm mod_jk-manual-1.2.28-1jpp_3rh.x86_64.rpm Red Hat Application Server v2 4WS: Source: i386: mod_jk-ap20-1.2.28-1jpp_3rh.i386.rpm mod_jk-debuginfo-1.2.28-1jpp_3rh.i386.rpm mod_jk-manual-1.2.28-1jpp_3rh.i386.rpm ia64: mod_jk-ap20-1.2.28-1jpp_3rh.ia64.rpm mod_jk-debuginfo-1.2.28-1jpp_3rh.ia64.rpm mod_jk-manual-1.2.28-1jpp_3rh.ia64.rpm x86_64: mod_jk-ap20-1.2.28-1jpp_3rh.x86_64.rpm mod_jk-debuginfo-1.2.28-1jpp_3rh.x86_64.rpm mod_jk-manual-1.2.28-1jpp_3rh.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://www.cve.org/CVERecord?id=CVE-2008-5519 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2009 Red Hat, Inc. . Essential mod_jk patch for Red Hat, targeting significant vulnerabilities impacting Apache connections. Discover more details here!. mod_jk Security Update, Red Hat Application Server,Information Disclosure. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jun 09, 2009 Important Red Hat
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorysecurity issuecritical

Red Hat Application Server RHSA-2008:0862-02 Urgent: Tomcat Security Patch

Updated tomcat packages that fix several security issues are now available for Red Hat Application Server v2. This update has been rated as having important security impact by the Red Hat Security Response Team.. ==================================================================== Red Hat Security Advisory Synopsis: Important: tomcat security update Advisory ID: RHSA-2008:0862-02 Product: Red Hat Application Server Advisory URL: https://access.redhat.com/errata/RHSA-2008:0862.html Issue date: 2008-10-02 CVE Names: CVE-2007-5342 CVE-2007-5461 CVE-2008-1232 CVE-2008-1947 CVE-2008-2370 CVE-2008-2938 ==================================================================== 1. Summary: Updated tomcat packages that fix several security issues are now available for Red Hat Application Server v2. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Application Server v2 4AS - noarch Red Hat Application Server v2 4ES - noarch Red Hat Application Server v2 4WS - noarch 3. Description: Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. The default security policy in the JULI logging component did not restrict access permissions to files. This could be misused by untrusted web applications to access and write arbitrary files in the context of the Tomcat process. (CVE-2007-5342) A directory traversal vulnerability was discovered in the Apache Tomcat webdav servlet. Under certain configurations, this allowed remote, authenticated users to read files accessible to the local Tomcat process. (CVE-2007-5461) A cross-site scripting vulnerability was discovered in the HttpServletResponse.sendError() method. A remote attacker could inject arbitrary web script or HTML via forged HTTP headers. (CVE-2008-1232) An additional cross-site scripting vulnerability wasdiscovered in the host manager application. A remote attacker could inject arbitrary web script or HTML via the hostname parameter. (CVE-2008-1947) A traversal vulnerability was discovered when using a RequestDispatcher in combination with a servlet or JSP. A remote attacker could utilize a specially-crafted request parameter to access protected web resources. (CVE-2008-2370) An additional traversal vulnerability was discovered when the "allowLinking" and "URIencoding" settings were activated. A remote attacker could use a UTF-8-encoded request to extend their privileges and obtain local files accessible to the Tomcat process. (CVE-2008-2938) Users of tomcat should upgrade to these updated packages, which contain backported patches to resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at 5. Bugs fixed (https://bugzilla.redhat.com/): 333791 - CVE-2007-5461 Absolute path traversal Apache Tomcat WEBDAV 427216 - CVE-2007-5342 Apache Tomcat's default security policy is too open 446393 - CVE-2008-1947 Tomcat host manager xss - name field 456120 - CVE-2008-2938 tomcat Unicode directory traversal vulnerability 457597 - CVE-2008-1232 tomcat: Cross-Site-Scripting enabled by sendError call 457934 - CVE-2008-2370 tomcat RequestDispatcher information disclosure vulnerability 6. Package List: Red Hat Application Server v24AS: Source: noarch: tomcat5-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-admin-webapps-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-common-lib-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-jasper-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-jasper-javadoc-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-jsp-2.0-api-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-server-lib-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-servlet-2.4-api-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-webapps-5.5.23-0jpp_4rh.9.noarch.rpm Red Hat Application Server v2 4ES: Source: noarch: tomcat5-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-admin-webapps-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-common-lib-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-jasper-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-jasper-javadoc-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-jsp-2.0-api-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-server-lib-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-servlet-2.4-api-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-webapps-5.5.23-0jpp_4rh.9.noarch.rpm Red Hat Application Server v2 4WS: Source: noarch: tomcat5-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-admin-webapps-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-common-lib-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-jasper-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-jasper-javadoc-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-jsp-2.0-api-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-server-lib-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-servlet-2.4-api-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp_4rh.9.noarch.rpm tomcat5-webapps-5.5.23-0jpp_4rh.9.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7.References: https://www.cve.org/CVERecord?id=CVE-2007-5342 https://www.cve.org/CVERecord?id=CVE-2007-5461 https://www.cve.org/CVERecord?id=CVE-2008-1232 https://www.cve.org/CVERecord?id=CVE-2008-1947 https://www.cve.org/CVERecord?id=CVE-2008-2370 https://www.cve.org/CVERecord?id=CVE-2008-2938 https://tomcat.apache.org/security-5.html https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2008 Red Hat, Inc. . CentOS releases essential nginx patch CESA-2021:1234 to mitigate significant security flaws and risks.. Red Hat Application Server, Tomcat Security Update, Security Fixes, Important Update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Oct 02, 2008 Important Red Hat
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here