Stay Secure with the Latest Linux Advisories

Scientific Linux SL5.x: Low Severity rgmanager Security Advisory

Low: rgmanager security, bug fix, and enhancement update.

Date: Thu, 4 Aug 2011 13:43:26 -0500
Reply-To: Troy Dawson
Sender: Security Errata for Scientific Linux
From: Troy Dawson
Subject: Security ERRATA Low: rgmanager on SL5.x i386/x86_64
MIME-Version: 1.0

Synopsis: Low: rgmanager security, bug fix, and enhancement update
Issue Date: 2011-07-21
CVE Numbers: CVE-2010-3389

The rgmanager package contains the Resource Group Manager, which provides the ability to create and manage high-availability server applications in the event of system downtime.

It was discovered that certain resource agent scripts set the LD_LIBRARY_PATH environment variable to an insecure value containing empty path elements. A local user able to trick a user running those scripts into running them while working from an attacker-writable directory could use this flaw to escalate their privileges via a specially-crafted dynamic library. (CVE-2010-3389)

This update also fixes the following bugs:

* The failover domain "nofailback" option was not honored if a service was in the "starting" state. This bug has been fixed.
* PID files with white spaces in the file name are now handled correctly.
* The /usr/sbin/rhev-check.sh script can now be used from within Cron.
* The clustat utility now reports the correct version.
* The oracledb.sh agent now attempts to try the "shutdown immediate" command instead of using the "shutdown abort" command.
* The SAPInstance and SAPDatabase scripts now use proper directory name quoting so they no longer collide with directory names like "/u".
* The clufindhostname utility now returns the correct value in all cases.
* The nfsclient resource agent now handles paths with trailing slashes correctly.
* The last owner of a service is now reported correctly after a failover.
* The /usr/share/cluster/fs.sh script no longer runs the "quotaoff" command if quotas were not configured.
* The "listen" line in the /etc/httpd/conf/httpd.conf file generated by the Apache resource agent is now correct.
* The tomcat-5 resource agent no longer generates incorrect configurations.
* The time required to stop an NFS resource when the server is unavailable has been reduced.
* When using exclusive prioritization, a higher priority service now preempts a lower priority service after status check failures.
* The postgres-8 resource agent now correctly detects failed start operations.
* The handling of reference counts passed by rgmanager to resource agents now works properly, as expected.

As well, this update adds the following enhancements:

* It is now possible to disable updates to static routes by the IP resource agent.
* It is now possible to use XFS as a file system within a cluster service.
* It is now possible to use the "clustat" command as a non-root user, so long as that user is in the "root" group.
* It is now possible to migrate virtual machines when central processing is enabled.
* The rgmanager init script will now delay after stopping services in order to allow time for other nodes to restart them.
* The handling of failed independent subtrees has been corrected.

All users of Resource Group Manager are advised to upgrade to this updated package, which contains backported patches to correct these issues and add these enhancements.

SL5:
i386
rgmanager-2.0.52-21.el5.i386.rpm
x86_64
rgmanager-2.0.52-21.el5.x86_64.rpm

- Scientific Linux Development Team

The latest rgmanager update for Scientific Linux SL5.x tackles critical security vulnerabilities and essential bug fixes, urging prompt installation for better safety and performance.

Severity: Low. LinuxSecurity.com Team

Aug 04, 2011 | Low | Scientific Linux
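
The empty-element flaw behind CVE-2010-3389, shown as an added shell example that is not taken from the advisory or from the rgmanager scripts: it detects empty elements in an LD_LIBRARY_PATH-style value and contrasts unconditional concatenation with a rebuild that skips them. The directory /opt/app/lib, the sample values and all function names are constructed for illustration.

```shell
#!/bin/sh
# Added example; /opt/app/lib and the sample values are constructed.

# Return 0 if a colon-separated search path has an empty element
# (leading colon, trailing colon, or "::"). The dynamic loader reads an
# empty LD_LIBRARY_PATH element as the current working directory.
has_empty_element() {
    case "$1" in
        :*|*:|*::*) return 0 ;;
        *)          return 1 ;;
    esac
}

# Flawed pattern: unconditional concatenation. With no previous value the
# result is "/opt/app/lib:", which ends in an empty element.
unsafe_prepend() {      # $1 = directory to add, $2 = current value
    printf '%s:%s' "$1" "$2"
}

# Corrected pattern: rebuild the list, skipping every empty element.
safe_prepend() {        # $1 = directory to add, $2 = current value
    out=$1
    old_ifs=$IFS
    IFS=:
    set -f                              # no globbing while splitting
    for element in $2; do
        if [ -n "$element" ]; then out="$out:$element"; fi
    done
    set +f
    IFS=$old_ifs
    printf '%s' "$out"
}

# Audit helper: report whether a value is safe to export.
audit_value() {
    if has_empty_element "$1"; then echo "UNSAFE: '$1'"; else echo "ok: '$1'"; fi
}

audit_value "$(unsafe_prepend /opt/app/lib '')"
audit_value "$(safe_prepend /opt/app/lib ':/usr/lib64::/lib64:')"
```
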

Red Hat 5: RHSA-2009:1339-02 Low: Rgmanager Security Issue Summary

An updated rgmanager package that fixes multiple security issues, various bugs, and adds enhancements is now available for Red Hat Enterprise Linux 5.

====================================================================
Red Hat Security Advisory

Synopsis: Low: rgmanager security, bug fix, and enhancement update
Advisory ID: RHSA-2009:1339-02
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2009:1339.html
Issue date: 2009-09-02
CVE Names: CVE-2008-6552
====================================================================

1. Summary:

An updated rgmanager package that fixes multiple security issues, various bugs, and adds enhancements is now available for Red Hat Enterprise Linux 5.

This update has been rated as having low security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

RHEL Clustering (v. 5 server) - i386, ia64, ppc, x86_64

3. Description:

The rgmanager package contains the Red Hat Resource Group Manager, which provides high availability for critical server applications in the event of system downtime.

Multiple insecure temporary file use flaws were discovered in rgmanager and various resource scripts run by rgmanager. A local attacker could use these flaws to overwrite an arbitrary file writable by the rgmanager process (i.e. user root) with the output of rgmanager or a resource agent via a symbolic link attack. (CVE-2008-6552)

This update also fixes the following bugs:

* clulog now accepts '-' as the first character in messages.
* if expire_time is 0, max_restarts is no longer ignored.
* the SAP resource agents included in the rgmanager package shipped with Red Hat Enterprise Linux 5.3 were outdated. This update includes the most recent SAP resource agents and, consequently, improves SAP failover support.
* empty PID files no longer cause resource start failures.
* recovery policy of type 'restart' now works properly when using a resource based on ra-skelet.sh.
* samba.sh has been updated to kill the PID listed in the proper PID file.
* handling of the '-F' option has been improved to fix issues causing rgmanager to crash if no members of a restricted failover domain were online.
* the number of simultaneous status checks can now be limited to prevent load spikes.
* forking and cloning during status checks has been optimized to reduce load spikes.
* rg_test no longer hangs when run with large cluster configuration files.
* when rgmanager is used with a restricted failover domain it will no longer occasionally segfault when some nodes are offline during a failover event.
* virtual machine guests no longer restart after a cluster.conf update.
* nfsclient.sh no longer leaves temporary files after running.
* extra checks from the Oracle agents have been removed.
* vm.sh now uses libvirt.
* users can now define an explicit service processing order when central_processing is enabled.
* virtual machine guests can no longer start on 2 nodes at the same time.
* in some cases a successfully migrated virtual machine guest could restart when the cluster.conf file was updated.
* incorrect reporting of a service being started when it was not started has been addressed.

As well, this update adds the following enhancements:

* a startup_wait option has been added to the MySQL resource agent.
* services can now be prioritized.
* rgmanager now checks to see if it has been killed by the OOM killer and if so, reboots the node.

Users of rgmanager are advised to upgrade to this updated package, which resolves these issues and adds these enhancements.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bugs fixed (http://bugzilla.redhat.com/):

250718 - fs.sh inefficient scripting leads to load peaks and disk saturation
412911 - Convert all XM management calls to either lib virt or virsh
449394 - Recovery policy of type restart doesn't work with a service using a resource based on ra-skelet.sh
468691 - Virtual Services guest can start on 2 nodes at same time
470917 - The oracledb.sh script checks in strange intervals(10s, 5m, 4.5m)
471066 - rgmanager oracledb.sh resource agent does not properly check for all db startup failures.
471226 - oracledb.sh script kills ALL oracle instances when failing over
471431 - second ocf_log message doesn't make it to /var/log/messages
474444 - Zero-length pid files cause resource start failures
475826 - Update support for SAP resource agents (rgmanager)
481058 - MySQL Service Startup Timeout after Crash
482858 - Cluster Event Script needs Updates to include Group Exclusive
483093 - rgmanager: samba.sh tries to kill the wrong pid file
486349 - nfsclient.sh leaves temporary files /tmp/nfsclient-status-cache-$$
486717 - clusvcadm -e -F handling bugs
488714 - Enabling (according to failover domain rules) a frozen service results in a unusable failed+frozen service
489785 - /usr/share/cluster/apache.sh does not handle a valid /etc/httpd/conf/httpd.conf configuration correctly
490449 - domU's restart after cluster.conf update
490455 - rg_test hangs when running against cluster
492828 - RFE: priorities for services/virtual machines
494977 - segfault in check_rdomain_crash() during failover
505340 - VM migration and subsequent cluster.conf update can cause the VM restart
514044 - vm.sh does will fail resource if "no state" is detected
519436 - CVE-2008-6552 cman, gfs2-utils, rgmanager: multiple insecure temporary file use issues

6. Package List:

RHEL Clustering (v. 5 server):

Source:

i386:
rgmanager-2.0.52-1.el5.i386.rpm
rgmanager-debuginfo-2.0.52-1.el5.i386.rpm

ia64:
rgmanager-2.0.52-1.el5.ia64.rpm
rgmanager-debuginfo-2.0.52-1.el5.ia64.rpm

ppc:
rgmanager-2.0.52-1.el5.ppc.rpm
rgmanager-debuginfo-2.0.52-1.el5.ppc.rpm

x86_64:
rgmanager-2.0.52-1.el5.x86_64.rpm
rgmanager-debuginfo-2.0.52-1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

7. References:

https://www.cve.org/CVERecord?id=CVE-2008-6552
https://access.redhat.com/security/updates/classification#low

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2009 Red Hat, Inc.

A revised cluster manager module addresses various vulnerabilities and introduces improvements for CentOS Linux 5.

Severity: Low. LinuxSecurity.com Team

Sep 02, 2009 | Low | Red Hat
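
The symbolic-link problem behind CVE-2008-6552, as an added shell example that is not rgmanager's own code: a write to a predictable file name (the $$-style pattern named in bug 486349) follows a pre-existing link, while a file created by mktemp does not. Everything happens inside a throwaway directory; the function names, the "victim" file and the sample data are constructed.

```shell
#!/bin/sh
# Added example; all names and data are constructed and confined to a
# private sandbox directory that is removed at the end.

# Flawed pattern: the file name is built from a guessable value (a PID in
# the original scripts), and ">" follows whatever already sits at that name.
unsafe_cache_write() {  # $1 = temp dir, $2 = guessable id, $3 = data
    printf '%s\n' "$3" > "$1/status-cache-$2"
}

# Corrected pattern: mktemp chooses an unpredictable name and creates the
# file exclusively, so a link planted in advance is never opened.
safe_cache_write() {    # $1 = temp dir, $2 = data; prints the path created
    cache_file=$(mktemp "$1/status-cache.XXXXXX") || return 1
    printf '%s\n' "$2" > "$cache_file"
    printf '%s' "$cache_file"
}

# Run both patterns against a link that points at a stand-in "victim" file
# and report the victim's contents after each write.
symlink_demo() {
    sandbox=$(mktemp -d) || return 1
    printf 'original\n' > "$sandbox/victim"
    ln -s "$sandbox/victim" "$sandbox/status-cache-1234"

    unsafe_cache_write "$sandbox" 1234 "agent output"
    after_unsafe=$(cat "$sandbox/victim")

    printf 'original\n' > "$sandbox/victim"     # reset the victim
    created=$(safe_cache_write "$sandbox" "agent output")
    after_safe=$(cat "$sandbox/victim")
    written=$(cat "$created")

    rm -rf "$sandbox"
    printf '%s|%s|%s' "$after_unsafe" "$after_safe" "$written"
}

symlink_demo
echo
```
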