Alerts This Week
Warning Icon 1 525
Alerts This Week
Warning Icon 1 525

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 43 hplip Major Update Addressing Possible Arbitrary Code Execution

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 Important Kernel Security Advisory ELSA-2026-21706

Calendar White Jun 02, 2026
Important
Oracle Large Esm H900
Oracle

Oracle Linux 8 httpd Important Denial of Service Vuln ELSA-2026-22140

Calendar White Jun 02, 2026
Important
Oracle Large Esm H800
Oracle

Oracle Linux 8 ELSA-2026-22315 compat-openssl10 Moderate DoS Fix

Calendar White Jun 02, 2026
moderate
Oracle Large Esm H900
Oracle

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS nginx Security Advisory for Critical DoS Vulnerabilities

Calendar White Jun 03, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 20.04 LTS MySQL Important Security Issues USN-8363-2

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 LTS GStreamer Base Significant DoS Attack Vulnerability Alert

Calendar White Jun 03, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS python-pip Moderate DoS Regression Fix USN-8344-3

Calendar White Jun 03, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 21 articles for you...
217
Ls Advisories Oracle Esm H240
Price Tag 1security advisorysecurity issueimportant

Oracle Linux 9 ELSA-2026-8474 Important .NET Security Update

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-8474 http://linux.oracle.com/errata/ELSA-2026-8474.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: aspnetcore-runtime-9.0-9.0.15-1.0.1.el9_7.x86_64.rpm aspnetcore-runtime-dbg-9.0-9.0.15-1.0.1.el9_7.x86_64.rpm aspnetcore-targeting-pack-9.0-9.0.15-1.0.1.el9_7.x86_64.rpm dotnet-apphost-pack-9.0-9.0.15-1.0.1.el9_7.x86_64.rpm dotnet-hostfxr-9.0-9.0.15-1.0.1.el9_7.x86_64.rpm dotnet-runtime-9.0-9.0.15-1.0.1.el9_7.x86_64.rpm dotnet-runtime-dbg-9.0-9.0.15-1.0.1.el9_7.x86_64.rpm dotnet-sdk-9.0-9.0.116-1.0.1.el9_7.x86_64.rpm dotnet-sdk-9.0-source-built-artifacts-9.0.116-1.0.1.el9_7.x86_64.rpm dotnet-sdk-aot-9.0-9.0.116-1.0.1.el9_7.x86_64.rpm dotnet-sdk-dbg-9.0-9.0.116-1.0.1.el9_7.x86_64.rpm dotnet-targeting-pack-9.0-9.0.15-1.0.1.el9_7.x86_64.rpm dotnet-templates-9.0-9.0.116-1.0.1.el9_7.x86_64.rpm netstandard-targeting-pack-2.1-9.0.116-1.0.1.el9_7.x86_64.rpm aarch64: aspnetcore-runtime-9.0-9.0.15-1.0.1.el9_7.aarch64.rpm aspnetcore-runtime-dbg-9.0-9.0.15-1.0.1.el9_7.aarch64.rpm aspnetcore-targeting-pack-9.0-9.0.15-1.0.1.el9_7.aarch64.rpm dotnet-apphost-pack-9.0-9.0.15-1.0.1.el9_7.aarch64.rpm dotnet-hostfxr-9.0-9.0.15-1.0.1.el9_7.aarch64.rpm dotnet-runtime-9.0-9.0.15-1.0.1.el9_7.aarch64.rpm dotnet-runtime-dbg-9.0-9.0.15-1.0.1.el9_7.aarch64.rpm dotnet-sdk-9.0-9.0.116-1.0.1.el9_7.aarch64.rpm dotnet-sdk-9.0-source-built-artifacts-9.0.116-1.0.1.el9_7.aarch64.rpm dotnet-sdk-aot-9.0-9.0.116-1.0.1.el9_7.aarch64.rpm dotnet-sdk-dbg-9.0-9.0.116-1.0.1.el9_7.aarch64.rpm dotnet-targeting-pack-9.0-9.0.15-1.0.1.el9_7.aarch64.rpm dotnet-templates-9.0-9.0.116-1.0.1.el9_7.aarch64.rpm netstandard-targeting-pack-2.1-9.0.116-1.0.1.el9_7.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/dotnet9.0-9.0.116-1.0.1.el9_7.src.rpm Related CVEs: CVE-2026-26171 CVE-2026-32178 CVE-2026-32203 CVE-2026-33116 Description ofchanges: [9.0.116-1.0.1] - Add support for Oracle Linux [9.0.116-1] - Update to .NET SDK 9.0.116 and Runtime 9.0.15 - Resolves: RHEL-163394 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Get the latest Oracle Linux 9 updates for .NET that address important vulnerabilities with several CVEs.. Oracle Linux , .NET , important vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 19, 2026 Important Oracle
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedorarisk assessment

Fedora 43 polkit CVE-2026-4897 Update on Unsanitized Input Risk

CVE-2026-4897 aisle.com fix of unsanitized getline. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-387a47c82b 2026-04-02 01:05:52.796913+00:00 -------------------------------------------------------------------------------- Name : polkit Product : Fedora 43 Version : 126 Release : 6.fc43.2 URL : https://github.com/polkit-org/polkit Summary : An authorization framework Description : polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes. -------------------------------------------------------------------------------- Update Information: CVE-2026-4897 aisle.com fix of unsanitized getline -------------------------------------------------------------------------------- ChangeLog: * Fri Mar 27 2026 Jan Rybar - 126-6.2 - CVE-2026-4897 aisle.com fix of unsanitized getline -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-387a47c82b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new . Discover the Fedora 43 polkit update regarding unsanitized input, including important risk details and mitigation steps.. Fedora Update, polkit, unsanitized input, security advisory, CVE-2026-4897. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 02, 2026 Important Fedora
Banner 3 1028x280 1708121785 1771599793
217
Ls Advisories Oracle Esm H240
Price Tag 1security advisoryimportantrisk assessment

Oracle Linux 9: ELSA-2025-20909 Podman: Important Security Update

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-20909 http://linux.oracle.com/errata/ELSA-2025-20909.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: podman-5.6.0-6.0.1.el9_7.x86_64.rpm podman-docker-5.6.0-6.0.1.el9_7.noarch.rpm podman-plugins-5.6.0-6.0.1.el9_7.x86_64.rpm podman-remote-5.6.0-6.0.1.el9_7.x86_64.rpm podman-tests-5.6.0-6.0.1.el9_7.x86_64.rpm aarch64: podman-5.6.0-6.0.1.el9_7.aarch64.rpm podman-docker-5.6.0-6.0.1.el9_7.noarch.rpm podman-plugins-5.6.0-6.0.1.el9_7.aarch64.rpm podman-remote-5.6.0-6.0.1.el9_7.aarch64.rpm podman-tests-5.6.0-6.0.1.el9_7.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/podman-5.6.0-6.0.1.el9_7.src.rpm Related CVEs: CVE-2025-9566 CVE-2025-47907 Description of changes: [5.6.0-6.0.1] - Add devices on container startup, not on creation - overlay: Put should ignore ENINVAL for Unmount [Orabug: 36234694] - Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117404] [6:5.6.0-6] - update to the latest content of https://github.com/containers/podman/tree/v5.6-rhel (https://github.com/containers/podman/commit/61231e1) - fixes "Timeouts while pushing Sigstore logs to Rekor - [RHEL 9.7] 0day" - Resolves: RHEL-111076 [6:5.6.0-5] - rebuild as last build was built in the wrong tag - Related: RHEL-110317 [6:5.6.0-4] - update to the latest content of https://github.com/containers/podman/tree/v5.6-rhel (https://github.com/containers/podman/commit/c5a3735) - fixes "Can not find network create and rm message from podman event when set --events-backend to journald - [RHEL 9.7] 0day" - Resolves: RHEL-110317 [6:5.6.0-3] - update to the latest content of https://github.com/containers/podman/tree/v5.6-rhel (https://github.com/containers/podman/commit/7078b79) - fixes "CVE-2025-9566 podman: Podman kube play command may overwrite host files [rhel-9.7]" - Resolves:RHEL-113151 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 9 podman updates include important security fixes for multiple CVEs enhancing container security.. oracle linux podman security fixes important updates. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Nov 26, 2025 Important Oracle
217
Ls Advisories Oracle Esm H240
Price Tag 1security advisorysecurity fiximportant

Oracle Linux 9: Kernel Important Update ELSA-2025-20649 CVE-2025-38724

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-20649 http://linux.oracle.com/errata/ELSA-2025-20649.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: kernel-uek-6.12.0-103.40.4.4.el9uek.x86_64.rpm kernel-uek-core-6.12.0-103.40.4.4.el9uek.x86_64.rpm kernel-uek-debug-6.12.0-103.40.4.4.el9uek.x86_64.rpm kernel-uek-debug-core-6.12.0-103.40.4.4.el9uek.x86_64.rpm kernel-uek-debug-devel-6.12.0-103.40.4.4.el9uek.x86_64.rpm kernel-uek-debug-modules-6.12.0-103.40.4.4.el9uek.x86_64.rpm kernel-uek-debug-modules-core-6.12.0-103.40.4.4.el9uek.x86_64.rpm kernel-uek-debug-modules-deprecated-6.12.0-103.40.4.4.el9uek.x86_64.rpm kernel-uek-debug-modules-desktop-6.12.0-103.40.4.4.el9uek.x86_64.rpm kernel-uek-debug-modules-extra-6.12.0-103.40.4.4.el9uek.x86_64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-103.40.4.4.el9uek.x86_64.rpm kernel-uek-debug-modules-usb-6.12.0-103.40.4.4.el9uek.x86_64.rpm kernel-uek-debug-modules-wireless-6.12.0-103.40.4.4.el9uek.x86_64.rpm kernel-uek-devel-6.12.0-103.40.4.4.el9uek.x86_64.rpm kernel-uek-doc-6.12.0-103.40.4.4.el9uek.noarch.rpm kernel-uek-modules-6.12.0-103.40.4.4.el9uek.x86_64.rpm kernel-uek-modules-core-6.12.0-103.40.4.4.el9uek.x86_64.rpm kernel-uek-modules-deprecated-6.12.0-103.40.4.4.el9uek.x86_64.rpm kernel-uek-modules-desktop-6.12.0-103.40.4.4.el9uek.x86_64.rpm kernel-uek-modules-extra-6.12.0-103.40.4.4.el9uek.x86_64.rpm kernel-uek-modules-extra-netfilter-6.12.0-103.40.4.4.el9uek.x86_64.rpm kernel-uek-modules-usb-6.12.0-103.40.4.4.el9uek.x86_64.rpm kernel-uek-modules-wireless-6.12.0-103.40.4.4.el9uek.x86_64.rpm kernel-uek-tools-6.12.0-103.40.4.4.el9uek.x86_64.rpm aarch64: kernel-uek-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek-core-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek-debug-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek-debug-core-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek-debug-devel-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek-debug-modules-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek-debug-modules-core-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek-debug-modules-deprecated-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek-debug-modules-desktop-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek-debug-modules-extra-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek-debug-modules-extra-netfilter-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek-debug-modules-usb-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek-debug-modules-wireless-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek-devel-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek-modules-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek-modules-extra-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek-modules-core-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek-modules-deprecated-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek-modules-desktop-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek-modules-extra-netfilter-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek-modules-usb-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek-modules-wireless-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek-tools-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek64k-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek64k-core-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek64k-devel-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek64k-modules-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek64k-modules-core-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek64k-modules-deprecated-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek64k-modules-desktop-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek64k-modules-extra-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek64k-modules-extra-netfilter-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek64k-modules-usb-6.12.0-103.40.4.4.el9uek.aarch64.rpm kernel-uek64k-modules-wireless-6.12.0-103.40.4.4.el9uek.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/kernel-uek-6.12.0-103.40.4.4.el9uek.src.rpm Related CVEs: CVE-2025-38724 CVE-2025-39698 CVE-2025-39866 CVE-2025-39881 Description of changes: [6.12.0-103.40.4.4.el9uek] - nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (Jeff Layton) [Orabug: 38500610] {CVE-2025-38724} - io_uring/futex: ensure io_futex_wait() cleans up properly on failure (Jens Axboe) [Orabug: 38500621] {CVE-2025-39698} - kernfs: Fix UAF in polling when open file is released (Chen Ridong) [Orabug: 38500629] {CVE-2025-39881} - fs: writeback: fix use-after-free in __mark_inode_dirty() (Jiufei Xue) [Orabug: 38500632] {CVE-2025-39866} _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Updated kernels for Oracle Linux 9 address critical issues, with important updates to enhance system security and performance.. Oracle Linux, kernel update, security advisory. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Oct 08, 2025 Important Oracle
Banner 3 1028x280 1708121785 1771599793
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisoryimportantrisk assessment

openSUSE: 2025:0974-1 important: webkit2gtk3 Advisory Security Update

An update that solves one vulnerability can now be installed.. # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2025:0974-1 Release Date: 2025-03-21T08:23:25Z Rating: important References: * bsc#1239547 Cross-References: * CVE-2025-24201 CVSS scores: * CVE-2025-24201 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2025-24201 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP6 * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: * CVE-2025-24201: Fixed out-of-bounds write vulnerability due to that WebGL context primitive restart can be toggled from WebContent process (bsc#1239547). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-974=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2025-974=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-974=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2025-974=1 openSUSE-SLE-15.6-2025-974=1 ## Package List: * Basesystem Module 15-SP6 (noarch) * WebKitGTK-4.0-lang-2.46.6-150600.12.30.2 * WebKitGTK-6.0-lang-2.46.6-150600.12.30.2 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) *libjavascriptcoregtk-6_0-1-2.46.6-150600.12.30.2 * webkitgtk-6_0-injected-bundles-debuginfo-2.46.6-150600.12.30.2 * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150600.12.30.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150600.12.30.2 * webkitgtk-6_0-injected-bundles-2.46.6-150600.12.30.2 * webkit2gtk3-soup2-devel-2.46.6-150600.12.30.2 * webkit2gtk4-debugsource-2.46.6-150600.12.30.2 * libwebkitgtk-6_0-4-debuginfo-2.46.6-150600.12.30.2 * typelib-1_0-JavaScriptCore-4_0-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150600.12.30.2 * webkit2gtk-4_0-injected-bundles-2.46.6-150600.12.30.2 * libwebkitgtk-6_0-4-2.46.6-150600.12.30.2 * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150600.12.30.2 * typelib-1_0-WebKit2-4_0-2.46.6-150600.12.30.2 * webkit2gtk3-soup2-debugsource-2.46.6-150600.12.30.2 * libwebkit2gtk-4_0-37-2.46.6-150600.12.30.2 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_0-18-2.46.6-150600.12.30.2 * Desktop Applications Module 15-SP6 (noarch) * WebKitGTK-4.1-lang-2.46.6-150600.12.30.2 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * webkit2gtk3-devel-2.46.6-150600.12.30.2 * webkit2gtk3-debugsource-2.46.6-150600.12.30.2 * libwebkit2gtk-4_1-0-2.46.6-150600.12.30.2 * typelib-1_0-JavaScriptCore-4_1-2.46.6-150600.12.30.2 * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150600.12.30.2 * webkit2gtk-4_1-injected-bundles-2.46.6-150600.12.30.2 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150600.12.30.2 * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150600.12.30.2 * typelib-1_0-WebKit2-4_1-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_1-0-2.46.6-150600.12.30.2 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.6-150600.12.30.2 * webkit2gtk4-debugsource-2.46.6-150600.12.30.2 *typelib-1_0-WebKit-6_0-2.46.6-150600.12.30.2 * webkit2gtk4-devel-2.46.6-150600.12.30.2 * typelib-1_0-JavaScriptCore-6_0-2.46.6-150600.12.30.2 * openSUSE Leap 15.6 (noarch) * WebKitGTK-4.0-lang-2.46.6-150600.12.30.2 * WebKitGTK-6.0-lang-2.46.6-150600.12.30.2 * WebKitGTK-4.1-lang-2.46.6-150600.12.30.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libjavascriptcoregtk-6_0-1-2.46.6-150600.12.30.2 * libwebkit2gtk-4_0-37-debuginfo-2.46.6-150600.12.30.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.6-150600.12.30.2 * webkit2gtk4-debugsource-2.46.6-150600.12.30.2 * webkit2gtk3-soup2-minibrowser-debuginfo-2.46.6-150600.12.30.2 * webkit-jsc-4.1-2.46.6-150600.12.30.2 * webkit2gtk-4_0-injected-bundles-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.6-150600.12.30.2 * webkit2gtk3-minibrowser-debuginfo-2.46.6-150600.12.30.2 * webkit2gtk3-soup2-minibrowser-2.46.6-150600.12.30.2 * libwebkit2gtk-4_1-0-debuginfo-2.46.6-150600.12.30.2 * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.6-150600.12.30.2 * webkit2gtk4-minibrowser-debuginfo-2.46.6-150600.12.30.2 * webkitgtk-6_0-injected-bundles-2.46.6-150600.12.30.2 * typelib-1_0-WebKit-6_0-2.46.6-150600.12.30.2 * typelib-1_0-JavaScriptCore-4_1-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.6-150600.12.30.2 * typelib-1_0-WebKit2-4_0-2.46.6-150600.12.30.2 * webkit2gtk3-minibrowser-2.46.6-150600.12.30.2 * typelib-1_0-WebKit2-4_1-2.46.6-150600.12.30.2 * webkit2gtk3-soup2-debugsource-2.46.6-150600.12.30.2 * libwebkit2gtk-4_0-37-2.46.6-150600.12.30.2 * webkit2gtk4-minibrowser-2.46.6-150600.12.30.2 * webkit-jsc-4-debuginfo-2.46.6-150600.12.30.2 * libwebkitgtk-6_0-4-debuginfo-2.46.6-150600.12.30.2 * webkit2gtk3-debugsource-2.46.6-150600.12.30.2 * typelib-1_0-WebKit2WebExtension-4_1-2.46.6-150600.12.30.2 * typelib-1_0-JavaScriptCore-4_0-2.46.6-150600.12.30.2 *webkit-jsc-4.1-debuginfo-2.46.6-150600.12.30.2 * typelib-1_0-WebKit2WebExtension-4_0-2.46.6-150600.12.30.2 * libwebkitgtk-6_0-4-2.46.6-150600.12.30.2 * typelib-1_0-JavaScriptCore-6_0-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_1-0-2.46.6-150600.12.30.2 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.6-150600.12.30.2 * webkitgtk-6_0-injected-bundles-debuginfo-2.46.6-150600.12.30.2 * webkit2gtk3-soup2-devel-2.46.6-150600.12.30.2 * webkit2gtk3-devel-2.46.6-150600.12.30.2 * libwebkit2gtk-4_1-0-2.46.6-150600.12.30.2 * webkit-jsc-4-2.46.6-150600.12.30.2 * webkit2gtk4-devel-2.46.6-150600.12.30.2 * webkit-jsc-6.0-2.46.6-150600.12.30.2 * webkit-jsc-6.0-debuginfo-2.46.6-150600.12.30.2 * webkit2gtk-4_1-injected-bundles-2.46.6-150600.12.30.2 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_0-18-2.46.6-150600.12.30.2 * openSUSE Leap 15.6 (x86_64) * libwebkit2gtk-4_0-37-32bit-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_0-18-32bit-2.46.6-150600.12.30.2 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.46.6-150600.12.30.2 * libwebkit2gtk-4_1-0-32bit-2.46.6-150600.12.30.2 * libwebkit2gtk-4_0-37-32bit-debuginfo-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_1-0-32bit-2.46.6-150600.12.30.2 * openSUSE Leap 15.6 (aarch64_ilp32) * libwebkit2gtk-4_1-0-64bit-debuginfo-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_0-18-64bit-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_1-0-64bit-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.46.6-150600.12.30.2 * libwebkit2gtk-4_0-37-64bit-debuginfo-2.46.6-150600.12.30.2 * libwebkit2gtk-4_0-37-64bit-2.46.6-150600.12.30.2 * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.46.6-150600.12.30.2 * libwebkit2gtk-4_1-0-64bit-2.46.6-150600.12.30.2 ## References: *https://www.suse.com/security/cve/CVE-2025-24201.html * https://bugzilla.suse.com/show_bug.cgi?id=1239547 . Critical update for webkit2gtk3 addresses out-of-bounds write issue, enhancing openSUSE security.. update, solves, vulnerability, installed, security, webkit2gtk3. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Mar 21, 2025 Important OpenSUSE
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisoryrisk assessmentimportant update

openSUSE 15.4: SUSE-SU-2025:0341-1 important: libxml2 use-after-free

An update that solves one vulnerability can now be installed.. # Security update for libxml2 Announcement ID: SUSE-SU-2025:0341-1 Release Date: 2025-02-03T16:33:21Z Rating: important References: * bsc#1236460 Cross-References: * CVE-2022-49043 CVSS scores: * CVE-2022-49043 ( SUSE ): 7.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49043 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49043 ( NVD ): 8.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for libxml2 fixes the following issues: * CVE-2022-49043: Fixed a use-after-free in xmlXIncludeAddNode. (bsc#1236460) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-341=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-341=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-341=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-341=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patchSUSE-SLE-Micro-5.4-2025-341=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-341=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-341=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-341=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-341=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-341=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-341=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-341=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libxml2-debugsource-2.9.14-150400.5.35.1 * libxml2-tools-2.9.14-150400.5.35.1 * python311-libxml2-2.9.14-150400.5.35.1 * libxml2-tools-debuginfo-2.9.14-150400.5.35.1 * libxml2-2-2.9.14-150400.5.35.1 * libxml2-python-debugsource-2.9.14-150400.5.35.1 * libxml2-2-debuginfo-2.9.14-150400.5.35.1 * libxml2-devel-2.9.14-150400.5.35.1 * python3-libxml2-debuginfo-2.9.14-150400.5.35.1 * python3-libxml2-2.9.14-150400.5.35.1 * python311-libxml2-debuginfo-2.9.14-150400.5.35.1 * openSUSE Leap 15.4 (x86_64) * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1 * libxml2-2-32bit-2.9.14-150400.5.35.1 * libxml2-devel-32bit-2.9.14-150400.5.35.1 * openSUSE Leap 15.4 (noarch) * libxml2-doc-2.9.14-150400.5.35.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libxml2-2-64bit-debuginfo-2.9.14-150400.5.35.1 * libxml2-2-64bit-2.9.14-150400.5.35.1 * libxml2-devel-64bit-2.9.14-150400.5.35.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libxml2-debugsource-2.9.14-150400.5.35.1 *libxml2-tools-2.9.14-150400.5.35.1 * libxml2-tools-debuginfo-2.9.14-150400.5.35.1 * libxml2-2-2.9.14-150400.5.35.1 * libxml2-python-debugsource-2.9.14-150400.5.35.1 * libxml2-2-debuginfo-2.9.14-150400.5.35.1 * python3-libxml2-debuginfo-2.9.14-150400.5.35.1 * python3-libxml2-2.9.14-150400.5.35.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libxml2-debugsource-2.9.14-150400.5.35.1 * libxml2-tools-2.9.14-150400.5.35.1 * libxml2-tools-debuginfo-2.9.14-150400.5.35.1 * libxml2-2-2.9.14-150400.5.35.1 * libxml2-python-debugsource-2.9.14-150400.5.35.1 * libxml2-2-debuginfo-2.9.14-150400.5.35.1 * python3-libxml2-debuginfo-2.9.14-150400.5.35.1 * python3-libxml2-2.9.14-150400.5.35.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libxml2-debugsource-2.9.14-150400.5.35.1 * libxml2-tools-2.9.14-150400.5.35.1 * libxml2-tools-debuginfo-2.9.14-150400.5.35.1 * libxml2-2-2.9.14-150400.5.35.1 * libxml2-python-debugsource-2.9.14-150400.5.35.1 * libxml2-2-debuginfo-2.9.14-150400.5.35.1 * python3-libxml2-debuginfo-2.9.14-150400.5.35.1 * python3-libxml2-2.9.14-150400.5.35.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libxml2-debugsource-2.9.14-150400.5.35.1 * libxml2-tools-2.9.14-150400.5.35.1 * libxml2-tools-debuginfo-2.9.14-150400.5.35.1 * libxml2-2-2.9.14-150400.5.35.1 * libxml2-python-debugsource-2.9.14-150400.5.35.1 * libxml2-2-debuginfo-2.9.14-150400.5.35.1 * python3-libxml2-debuginfo-2.9.14-150400.5.35.1 * python3-libxml2-2.9.14-150400.5.35.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libxml2-debugsource-2.9.14-150400.5.35.1 * libxml2-tools-2.9.14-150400.5.35.1 * python311-libxml2-2.9.14-150400.5.35.1 * libxml2-tools-debuginfo-2.9.14-150400.5.35.1 * libxml2-2-2.9.14-150400.5.35.1 * libxml2-2-debuginfo-2.9.14-150400.5.35.1 * libxml2-devel-2.9.14-150400.5.35.1 *python3-libxml2-debuginfo-2.9.14-150400.5.35.1 * python3-libxml2-2.9.14-150400.5.35.1 * python311-libxml2-debuginfo-2.9.14-150400.5.35.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1 * libxml2-2-32bit-2.9.14-150400.5.35.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libxml2-debugsource-2.9.14-150400.5.35.1 * libxml2-tools-2.9.14-150400.5.35.1 * python311-libxml2-2.9.14-150400.5.35.1 * libxml2-tools-debuginfo-2.9.14-150400.5.35.1 * libxml2-2-2.9.14-150400.5.35.1 * libxml2-2-debuginfo-2.9.14-150400.5.35.1 * libxml2-devel-2.9.14-150400.5.35.1 * python3-libxml2-debuginfo-2.9.14-150400.5.35.1 * python3-libxml2-2.9.14-150400.5.35.1 * python311-libxml2-debuginfo-2.9.14-150400.5.35.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1 * libxml2-2-32bit-2.9.14-150400.5.35.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libxml2-debugsource-2.9.14-150400.5.35.1 * libxml2-tools-2.9.14-150400.5.35.1 * python311-libxml2-2.9.14-150400.5.35.1 * libxml2-tools-debuginfo-2.9.14-150400.5.35.1 * libxml2-2-2.9.14-150400.5.35.1 * libxml2-2-debuginfo-2.9.14-150400.5.35.1 * libxml2-devel-2.9.14-150400.5.35.1 * python3-libxml2-debuginfo-2.9.14-150400.5.35.1 * python3-libxml2-2.9.14-150400.5.35.1 * python311-libxml2-debuginfo-2.9.14-150400.5.35.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1 * libxml2-2-32bit-2.9.14-150400.5.35.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libxml2-debugsource-2.9.14-150400.5.35.1 * libxml2-tools-2.9.14-150400.5.35.1 * python311-libxml2-2.9.14-150400.5.35.1 * libxml2-tools-debuginfo-2.9.14-150400.5.35.1 * libxml2-2-2.9.14-150400.5.35.1 *libxml2-2-debuginfo-2.9.14-150400.5.35.1 * libxml2-devel-2.9.14-150400.5.35.1 * python3-libxml2-debuginfo-2.9.14-150400.5.35.1 * python3-libxml2-2.9.14-150400.5.35.1 * python311-libxml2-debuginfo-2.9.14-150400.5.35.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1 * libxml2-2-32bit-2.9.14-150400.5.35.1 * SUSE Manager Proxy 4.3 (x86_64) * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1 * libxml2-debugsource-2.9.14-150400.5.35.1 * libxml2-tools-2.9.14-150400.5.35.1 * libxml2-tools-debuginfo-2.9.14-150400.5.35.1 * libxml2-2-32bit-2.9.14-150400.5.35.1 * libxml2-2-2.9.14-150400.5.35.1 * libxml2-2-debuginfo-2.9.14-150400.5.35.1 * libxml2-devel-2.9.14-150400.5.35.1 * python3-libxml2-debuginfo-2.9.14-150400.5.35.1 * python3-libxml2-2.9.14-150400.5.35.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1 * libxml2-debugsource-2.9.14-150400.5.35.1 * libxml2-tools-2.9.14-150400.5.35.1 * libxml2-tools-debuginfo-2.9.14-150400.5.35.1 * libxml2-2-32bit-2.9.14-150400.5.35.1 * libxml2-2-2.9.14-150400.5.35.1 * libxml2-2-debuginfo-2.9.14-150400.5.35.1 * libxml2-devel-2.9.14-150400.5.35.1 * python3-libxml2-debuginfo-2.9.14-150400.5.35.1 * python3-libxml2-2.9.14-150400.5.35.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libxml2-debugsource-2.9.14-150400.5.35.1 * libxml2-tools-2.9.14-150400.5.35.1 * libxml2-tools-debuginfo-2.9.14-150400.5.35.1 * libxml2-2-2.9.14-150400.5.35.1 * libxml2-2-debuginfo-2.9.14-150400.5.35.1 * libxml2-devel-2.9.14-150400.5.35.1 * python3-libxml2-debuginfo-2.9.14-150400.5.35.1 * python3-libxml2-2.9.14-150400.5.35.1 * SUSE Manager Server 4.3 (x86_64) * libxml2-2-32bit-debuginfo-2.9.14-150400.5.35.1 * libxml2-2-32bit-2.9.14-150400.5.35.1 ## References: * https://www.suse.com/security/cve/CVE-2022-49043.html *https://bugzilla.suse.com/show_bug.cgi?id=1236460 . A significant patch for libxml2 has been released to rectify a severe use-after-free vulnerability on openSUSE systems.. openSUSE Security Update, libxml2 patch, important advisory. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Feb 03, 2025 Important OpenSUSE
Banner 3 1028x280 1708121785 1771599793
217
Ls Advisories Oracle Esm H240
Price Tag 1security advisorymoderatesoftware update

Oracle Linux 8: ELSA-2024-10779 Moderate: Python Security Fixes

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-10779 http://linux.oracle.com/errata/ELSA-2024-10779.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: platform-python-3.6.8-69.0.1.el8_10.i686.rpm platform-python-3.6.8-69.0.1.el8_10.x86_64.rpm platform-python-debug-3.6.8-69.0.1.el8_10.i686.rpm platform-python-debug-3.6.8-69.0.1.el8_10.x86_64.rpm platform-python-devel-3.6.8-69.0.1.el8_10.i686.rpm platform-python-devel-3.6.8-69.0.1.el8_10.x86_64.rpm python3-idle-3.6.8-69.0.1.el8_10.i686.rpm python3-idle-3.6.8-69.0.1.el8_10.x86_64.rpm python3-libs-3.6.8-69.0.1.el8_10.i686.rpm python3-libs-3.6.8-69.0.1.el8_10.x86_64.rpm python3-test-3.6.8-69.0.1.el8_10.i686.rpm python3-test-3.6.8-69.0.1.el8_10.x86_64.rpm python3-tkinter-3.6.8-69.0.1.el8_10.i686.rpm python3-tkinter-3.6.8-69.0.1.el8_10.x86_64.rpm aarch64: platform-python-3.6.8-69.0.1.el8_10.aarch64.rpm platform-python-debug-3.6.8-69.0.1.el8_10.aarch64.rpm platform-python-devel-3.6.8-69.0.1.el8_10.aarch64.rpm python3-idle-3.6.8-69.0.1.el8_10.aarch64.rpm python3-libs-3.6.8-69.0.1.el8_10.aarch64.rpm python3-test-3.6.8-69.0.1.el8_10.aarch64.rpm python3-tkinter-3.6.8-69.0.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//python3-3.6.8-69.0.1.el8_10.src.rpm Related CVEs: CVE-2024-9287 CVE-2024-11168 Description of changes: [3.6.8-69.0.1] - Add Oracle Linux distribution in platform.py [Orabug: 20812544] [3.6.8.openela.0] - Add openela to supported dists [3.6.8-69] - Security fix for CVE-2024-11168 Resolves: RHEL-67252 [3.6.8-68] - Security fix for CVE-2024-9287 Resolves: RHEL-64878 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux Security Bulletin ELSA-2024-10780 provides enhancements for Perl, incorporating critical updates and additional fixes.. Oracle Linux, pythonupdates, security advisory, risk management, software maintenance. . LinuxSecurity.com Team

Calendar 2 Dec 05, 2024 Oracle
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorydenial of servicesoftware patch

SUSE: 2023:4069-1 Critical: Go1.21 Denial of Service Fix

* #1212475 * #1216109 Cross-References: * CVE-2023-39325 . # Security update for go1.21 Announcement ID: SUSE-SU-2023:4069-1 Rating: important References: * #1212475 * #1216109 Cross-References: * CVE-2023-39325 * CVE-2023-44487 CVSS scores: * CVE-2023-39325 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44487 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Development Tools Module 15-SP4 * Development Tools Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for go1.21 fixes the following issues: * Update to go1.21.3 (bsc#1212475) * CVE-2023-39325: Fixed a flaw that can lead to a DoS due to a rapid stream resets causing excessive work. This is also known as CVE-2023-44487. (bsc#1216109) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2023-4069=1 * Development Tools Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2023-4069=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2023-4069=1 * openSUSE Leap 15.4 zypper in -t patch openSUSE-SLE-15.4-2023-4069=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * go1.21-doc-1.21.3-150000.1.12.1 * go1.21-race-1.21.3-150000.1.12.1 * go1.21-1.21.3-150000.1.12.1 * Development Tools Module 15-SP4 (aarch64 ppc64le s390x x86_64) * go1.21-doc-1.21.3-150000.1.12.1 * go1.21-1.21.3-150000.1.12.1 * Development Tools Module 15-SP4 (aarch64 x86_64) * go1.21-race-1.21.3-150000.1.12.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * go1.21-doc-1.21.3-150000.1.12.1 * go1.21-race-1.21.3-150000.1.12.1 * go1.21-1.21.3-150000.1.12.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * go1.21-doc-1.21.3-150000.1.12.1 * go1.21-race-1.21.3-150000.1.12.1 * go1.21-1.21.3-150000.1.12.1 ## References: * https://www.suse.com/security/cve/CVE-2023-39325.html * https://www.suse.com/security/cve/CVE-2023-44487.html * https://bugzilla.suse.com/show_bug.cgi?id=1212475 * https://bugzilla.suse.com/show_bug.cgi?id=1216109 . Essential security patch for go1.21 fixes significant flaws in SUSE operating systems.. SUSE Security Update, Go1.21 Fix, DoS Protection, Software Patch. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Oct 13, 2023 Critical SuSE
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here