Alerts This Week
Warning Icon 1 609
Alerts This Week
Warning Icon 1 609

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 44 Transmission 4.1.2 Important Clickjacking Fix CVE-2026-38978

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 libre 4.8.1 Critical Update Details for Real-Time Communication

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 NextCloud Update Denial of Service JSON Tampering 2026-30881a5be7

Calendar White Jun 05, 2026
Important
Fedora Large Esm H800
Fedora

Fedora 44 python-starlette Security Fix for CVE-2026-48710

Calendar White Jun 05, 2026
Critical
Fedora Large Esm H900
Fedora

Fedora 44 perl-Cpanel-JSON-XS Moderate Denial of Service CVE-2026-9516

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 rubygem-yard High Path Traversal Fix Vuln 2026-acefc1fe48

Calendar White Jun 05, 2026
high
Fedora Large Esm H800
Fedora

Fedora 44 Rust Sequoia Sop Low-Severity Fix Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-sq Low Threat Security Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-wot Low Severity Security Fix 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -6 articles for you...
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisoryinformation leakgentoo

Gentoo: GLSA-202309-08 Low: Information Leak in Requests Library

A vulnerability has been discovered in Requests which could result in the disclosure of plaintext secrets.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202309-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: Requests: Information Leak Date: September 17, 2023 Bugs: #906970 ID: 202309-08 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== A vulnerability has been discovered in Requests which could result in the disclosure of plaintext secrets. Background ========== Requests is an HTTP library for human beings. Affected packages ================= Package Vulnerable Unaffected ------------------- ------------ ------------ dev-python/requests < 2.31.0 > = 2.31.0 Description =========== Requests is vulnerable to potentially leaking Proxy-Authorization headers to destination servers, specifically during redirects to an HTTPS origin with authentication credentials encoded into the URL. Impact ====== Users' proxy authentication secrets could be disclosed to parties beyond the used HTTP proxy server. Workaround ========== There is no known workaround at this time. Resolution ========== All Requests users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =dev-python/requests-2.31.0" References ========== [ 1 ] CVE-2023-32681 https://nvd.nist.gov/vuln/detail/CVE-2023-32681 [ 2 ] GHSA-j8r2-6x86-q33q Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202309-08 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines isof utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2023 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . Gentoo Security Advisory GLSA 202309-09 highlights a vulnerability in Libraries that may lead to unauthorized access to sensitive data.. Gentoo Security Advisory, Information Leak, Requests Library, Plaintext Secrets. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Sep 17, 2023 Low Gentoo
87
Ls Advisories Debian Esm H240
Price Tag 1security advisorycritical issuesoftware update

Debian DSA-3146-1 Critical: Authentication Issues in Requests Library

Jakub Wilk discovered that in requests, an HTTP library for the Python language, authentication information was improperly handled when a redirect occured. This would allow remote servers to obtain two different types of sensitive information: proxy passwords from the . - ------------------------------------------------------------------------- Debian Security Advisory DSA-3146-1 This email address is being protected from spambots. You need JavaScript enabled to view it. http://www.debian.org/security/ Sebastien Delafond January 30, 2015 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : requests CVE ID : CVE-2014-1829 CVE-2014-1830 Debian Bug : 733108 Jakub Wilk discovered that in requests, an HTTP library for the Python language, authentication information was improperly handled when a redirect occured. This would allow remote servers to obtain two different types of sensitive information: proxy passwords from the Proxy-Authorization header (CVE-2014-1830), or netrc passwords from the Authorization header (CVE-2014-1829). For the stable distribution (wheezy), this problem has been fixed in version 0.12.1-1+deb7u1. For the upcoming stable distribution (jessie) and unstable distribution (sid), this problem has been fixed in version 2.3.0-1. We recommend that you upgrade your requests packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. . Uncover the details of the January 2015 Debian Security Announcement DSA-3146-1 concerning a vulnerability related to sensitive data exposure in the requests package.. Debian Security Advisory, Python Requests Library, Authentication Information Leak. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jan 30, 2015 Critical Debian
Banner 3 1028x280 1708121785 1771599793
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorymoderateUbuntu

Ubuntu 14.04: 2382-1 Moderate: Requests Authentication Exposure Issue

Requests could be made to expose authentication credentials over the network.. =========================================================================Ubuntu Security Notice USN-2382-1 October 14, 2014 requests vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS Summary: Requests could be made to expose authentication credentials over the network. Software Description: - requests: elegant and simple HTTP library for Python Details: Jakub Wilk discovered that Requests incorrectly reused authentication credentials after being redirected. An attacker could possibly use this issue to obtain authentication credentials intended for another site. (CVE-2014-1829, CVE-2014-1830) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS: python-requests 2.2.1-1ubuntu0.1 python3-requests 2.2.1-1ubuntu0.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-2382-1 CVE-2014-1829, CVE-2014-1830 Package Information: https://launchpad.net/ubuntu/+source/requests/2.2.1-1ubuntu0.1 . Potential security flaws in Ubuntu 14.04 may leak authentication tokens across the network. It is advisable to upgrade for enhanced safety.. requests library, Ubuntu 14.04, authentication risks, security patch. . LinuxSecurity.com Team

Calendar 2 Oct 14, 2014 Ubuntu
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here