Alerts This Week
Warning Icon 1 537
Alerts This Week
Warning Icon 1 537

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorymoderatesecurity update

Red Hat Certificate System 9.4 EUS RHSA-2021-0948-01 Moderate: XSS Issues

An update for pki-console, pki-core, and redhat-pki-theme is now available for Red Hat Certificate System 9.4 EUS. Red Hat Certificate System 9.4 EUS is a special channel for the delivery of Red Hat Certificate System updates. Downgrading the installed packages is. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: Red Hat Certificate System security and bug fix update Advisory ID: RHSA-2021:0948-01 Product: Red Hat Certificate System Advisory URL: https://access.redhat.com/errata/RHSA-2021:0948 Issue date: 2021-03-22 CVE Names: CVE-2019-10178 CVE-2019-10180 CVE-2020-1696 ==================================================================== 1. Summary: An update for pki-console, pki-core, and redhat-pki-theme is now available for Red Hat Certificate System 9.4 EUS. Red Hat Certificate System 9.4 EUS is a special channel for the delivery of Red Hat Certificate System updates. Downgrading the installed packages is not supported. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Certificate System 9.4 EUS for Red Hat Enterprise Server 7 - noarch, x86_64 3. Description: The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System. Security Fix(es): * pki-core: stored Cross-site scripting (XSS) in the pki-tps web Activity tab (CVE-2019-10178) * pki-core: unsanitized token parameters in TPS resulting in stored XSS (CVE-2019-10180) * pki-core: Stored XSS in TPS profile creation (CVE-2020-1696) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information,refer to the CVE page(s) listed in the References section. Bug Fix(es): * Update Batch Update Information to Version 20 [RHCS 9.4.z] (BZ#1931149) * Not able to launch pkiconsole -- RHEL 7.6.z backport request [RHCS 9.4.z] (BZ#1931718) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1719042 - CVE-2019-10178 pki-core: stored Cross-site scripting (XSS) in the pki-tps web Activity tab 1721137 - CVE-2019-10180 pki-core: unsanitized token parameters in TPS resulting in stored XSS 1780707 - CVE-2020-1696 pki-core: Stored XSS in TPS profile creation 6. Package List: Red Hat Certificate System 9.4 EUS for Red Hat Enterprise Server 7: Source: idm-console-framework-1.1.17-4.el7dsrv.src.rpm pki-console-10.5.9-2.el7pki.src.rpm pki-core-10.5.9-15.el7pki.src.rpm redhat-pki-theme-10.5.9-5.el7pki.src.rpm noarch: idm-console-framework-1.1.17-4.el7dsrv.noarch.rpm pki-console-10.5.9-2.el7pki.noarch.rpm pki-ocsp-10.5.9-15.el7pki.noarch.rpm pki-tks-10.5.9-15.el7pki.noarch.rpm redhat-pki-console-theme-10.5.9-5.el7pki.noarch.rpm redhat-pki-server-theme-10.5.9-5.el7pki.noarch.rpm x86_64: pki-core-debuginfo-10.5.9-15.el7pki.x86_64.rpm pki-tps-10.5.9-15.el7pki.x86_64.rpm Red Hat Certificate System 9.4 EUS for Red Hat Enterprise Server 7: Source: pki-console-10.5.9-2.el7pki.src.rpm pki-core-10.5.9-15.el7pki.src.rpm redhat-pki-theme-10.5.9-5.el7pki.src.rpm noarch: pki-console-10.5.9-2.el7pki.noarch.rpm pki-ocsp-10.5.9-15.el7pki.noarch.rpm pki-tks-10.5.9-15.el7pki.noarch.rpm redhat-pki-console-theme-10.5.9-5.el7pki.noarch.rpm redhat-pki-server-theme-10.5.9-5.el7pki.noarch.rpm x86_64: pki-core-debuginfo-10.5.9-15.el7pki.x86_64.rpm pki-tps-10.5.9-15.el7pki.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7.References: https://access.redhat.com/security/cve/CVE-2019-10178 https://access.redhat.com/security/cve/CVE-2019-10180 https://access.redhat.com/security/cve/CVE-2020-1696 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYFhdztzjgjWX9erEAQj6aA//bR+6+2CzjiglKDMwLrRzn4A0zL5hWJdV 5Vp7Di3ryqpxkTfNRiZDxpUoLRRUa1aNy9tqeZiAnP1VrqxfjM+HTtea7qCFDbsX MBdKj4LHSiONZlS/Af4A0oUVfPMqhppIy2ZiQLVEfjZEMFH67Xhlh6f1VzshFSVe uk+tcVG7TTOmTbjAW5i2CwpbzdTGxyOEXGcgWiQ0JiJ+tIJP2adRYiGfcu0A95ZF s5hL5okcWP9VEvOXXDfiQMjOw3fbsrTyn7ilL9wUEpD7zH0hBuvKqmRmirYt/4G9 g39/t7wUKJ2Jue1O0NbFhZ/gn1lpemXHN2z75p+4EUeH8lw9gTapciZD24VP7gDK djLXrErjzKr+R01BKKaw8tg0Mtvwq7HhXJS0+aEW+tytjBIsMAQyVwXWQqndRVJ8 pwq/UnU2tIVCx4/bsU0m6FDNPw3BiQAZZGZjefHKoHLtgrFgyIpLIxM2skIUsRcz TaL3P64NHLUSQAyrbHx2moeoO00hk3IoMKUMPxU9rbTOJ5Nl1WKQGIUmGjfl69g6 S9be1WwlWiwrCdFNbOmdMzm4/Go51Nn7INKwpqmLbLhJuRh8zkQE0bQPBc5mTKBj LOAOg0JsKhM0AId2M1Xy/88O1E2Xbb7b1+uWmcLVi7V7VY7PigDYiRD04W30B6Bo pswGYd8qNHA=xm9O -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://listman.redhat.com/mailman/listinfo/rhsa-announce . Important security patch for Red Hat Certificate System resolving various XSS vulnerabilities. Keep your system protected.. Red Hat Certificate System, XSS Security Fix, pki-core Update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Mar 22, 2021 Important Red Hat
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorymoderatesecurity update

Red Hat Certificate System 9.7 RHSA-2021-0947-01 Moderate: pki-core XSS

An update for pki-core and redhat-pki-theme is now available for Red Hat Certificate System 9.7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: pki-core and redhat-pki-theme security and bug fix update Advisory ID: RHSA-2021:0947-01 Product: Red Hat Certificate System Advisory URL: https://access.redhat.com/errata/RHSA-2021:0947 Issue date: 2021-03-22 CVE Names: CVE-2019-10178 CVE-2019-10180 CVE-2020-1696 ==================================================================== 1. Summary: An update for pki-core and redhat-pki-theme is now available for Red Hat Certificate System 9.7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Certificate System 9.7 for Red Hat Enterprise Server 7 - noarch, x86_64 3. Description: The Public Key Infrastructure (PKI) Core contains fundamental packages required by Red Hat Certificate System. Security Fix(es): * pki-core: stored Cross-site scripting (XSS) in the pki-tps web Activity tab (CVE-2019-10178) * pki-core: unsanitized token parameters in TPS resulting in stored XSS (CVE-2019-10180) * pki-core: Stored XSS in TPS profile creation (CVE-2020-1696) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * TPS - Add logging to tdbAddCertificatesForCUID if adding or searching for cert record fails (BZ#1710978) * TPS - Update ErrorCodes returned to client (CIW/ESC) to Match CS8 (BZ#1858860) * TPS - Server side key generation is not working for Identity only tokens - - Missing some commits (BZ#1858861) * TPS does not check token cuid on the user registration record during PIN reset (BZ#1858867) * Update RHCS version of CA, KRA, OCSP, and TKS so that it can be identified using a browser [RHCS 9.7.z BU 2] (BZ#1895104) * Update RHCS version of CA, KRA, OCSP, and TKS so that it can be identified using a browser [RHCS 9.7.z BU 4] (BZ#1914474) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1719042 - CVE-2019-10178 pki-core: stored Cross-site scripting (XSS) in the pki-tps web Activity tab 1721137 - CVE-2019-10180 pki-core: unsanitized token parameters in TPS resulting in stored XSS 1780707 - CVE-2020-1696 pki-core: Stored XSS in TPS profile creation 6. Package List: Red Hat Certificate System 9.7 for Red Hat Enterprise Server 7: Source: pki-core-10.5.18-12.el7pki.src.rpm redhat-pki-theme-10.5.18-5.el7pki.src.rpm noarch: pki-ocsp-10.5.18-12.el7pki.noarch.rpm pki-tks-10.5.18-12.el7pki.noarch.rpm redhat-pki-console-theme-10.5.18-5.el7pki.noarch.rpm redhat-pki-server-theme-10.5.18-5.el7pki.noarch.rpm x86_64: pki-core-debuginfo-10.5.18-12.el7pki.x86_64.rpm pki-tps-10.5.18-12.el7pki.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2019-10178 https://access.redhat.com/security/cve/CVE-2019-10180 https://access.redhat.com/security/cve/CVE-2020-1696 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2021 Red Hat, Inc. -----BEGIN PGPSIGNATURE----- Version: GnuPG v1 iQIVAwUBYFhQ6tzjgjWX9erEAQgznw/8CXabpC7kn8wNVevZQGxeeyLv3s4IJ9ii hxY6ZJuft87FsRlH5dT4tzAhybJN2igQGAL29OjLx6RcNkscJHr+mdKosV1CyTNd dafD7K6LnH3X/b6PKurkfDr8ehv2xpn5Gn5p2kB6x15AceGGPrMJ6WjiYM+J0yYY bAFaRRWbO3G27l4ZNKRSinDTU8cVxnV9olGwRcrHu8T5EdxudcEB6PHTy4dSbgwn H5z5JF92+IbbKiD/FvfW4ryuljb+IIf2EYqDzSmKZd3bGqP7Xt1K6+Sw3K3FzSxn nbdfAiKwMUZLJaKQWZRgwjwP2jYSeGjyMmvzyBk/a+6AsA69F7LlMjQ3jGkt2yst O8miYKURucBY4ghtu/CngtD/wypra2zkTtxDUTMiEc0fSjwI95SPjCcvg3UZQLOE QiKDeTptoyzrL2g4x4SSewIOEfBHEVAFy3S8a6XObGRpKG4dZvZB/tH1U+WqABBC 5z8rxRPWKPFN+4mBGLpp7S4gD2GOn1aoaZoMvPzLYIhVgHWZ+3maoDw6K1uMdl3G TZ6wdfdfPqvlbbmRz4sn7yVOR40dWirpju26qTcPhNquN0AdXiNJZiKkX9GVP9Y0 QegBtc7phSQOKl6jKT/foj592YQLP+j9vMR0Xy6+kbUmGAFC10A3ffRlRwcbpFLw HjTvuM1MjUI=yvFZ -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://listman.redhat.com/mailman/listinfo/rhsa-announce . A significant announcement concerning the Red Hat Certificate System has been made, focusing on alleviating moderate security threats stemming from XSS vulnerabilities within pki-core.. Red Hat Certificate Update, Moderate Security Risks, pki-core Security Fix, XSS Risks, Certificate System Update. . LinuxSecurity.com Team

Calendar 2 Mar 22, 2021 Red Hat
Banner 4 1028x280 1708121825 1771600306
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here