Oracle Linux Security Advisory ELSA-2026-2216

http://linux.oracle.com/errata/ELSA-2026-2216.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
libsoup-2.72.0-12.el9_7.5.i686.rpm
libsoup-2.72.0-12.el9_7.5.x86_64.rpm
libsoup-devel-2.72.0-12.el9_7.5.i686.rpm
libsoup-devel-2.72.0-12.el9_7.5.x86_64.rpm

aarch64:
libsoup-2.72.0-12.el9_7.5.aarch64.rpm
libsoup-devel-2.72.0-12.el9_7.5.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/libsoup-2.72.0-12.el9_7.5.src.rpm

Related CVEs:
CVE-2026-0719
CVE-2026-1761

Description of changes:

[2.72.0-12.5]
- Backport patch for CVE-2026-1761

[2.72.0-12.4]
- Backport patch for CVE-2026-0719
- Fix NTLM authentication test failures in FIPS mode
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-ce2936b568
2024-05-26 01:25:15.719720
--------------------------------------------------------------------------------

Name        : rust-uu_shuf
Product     : Fedora 40
Version     : 0.0.23
Release     : 3.fc40
URL         :
Summary     : shuf ~ (uutils) display random permutations of input lines
Description :
shuf ~ (uutils) display random permutations of input lines.

--------------------------------------------------------------------------------
Update Information:

This update contains builds from a mini-mass-rebuild for Rust applications (and some C-style libraries). Rebuilding with the Rust 1.78 toolchain should fix incomplete debug information for the Rust standard library (and the resulting low-quality stack traces).

Additionally, builds will have picked up fixes for some minor low-priority security and / or safety fixes in crate dependencies that had not yet been handled via a separate (targeted) rebuild:

- h2 v0.3.26+ (denial-of-service): https://rustsec.org/advisories/RUSTSEC-2024-0332.html
- glib v0.19.4+ and backports (UB): core/pull/1343
- hashbrown v0.14.5+ (UB): https://github.com/rust-lang/hashbrown/pull/511
- rustls v0.22.4+, v0.21.11+ (denial-of-service): https://rustsec.org/advisories/RUSTSEC-2024-0336.html

--------------------------------------------------------------------------------
ChangeLog:

* Thu May 23 2024 Fabio Valentini - 0.0.23-3
- Rebuild with Rust 1.78 to fix incomplete debuginfo and backtraces

--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-ce2936b568'
at the command line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
MGASA-2023-0255 - Updated libtiff packages fix security vulnerability

Publication date: 11 Sep 2023
URL: https://advisories.mageia.org/MGASA-2023-0255.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2023-2908, CVE-2023-3316, CVE-2023-3618, CVE-2023-25433, CVE-2023-26965, CVE-2023-26966

A null pointer dereference issue was found in Libtiff's tif_dir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eventually leading to a denial of service. (CVE-2023-2908)

A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones. (CVE-2023-3316)

A vulnerability was found in SourceCodester Resort Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument page leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. (CVE-2023-3618)

libtiff 4.5.0 is vulnerable to Buffer Overflow in /libtiff/tools/tiffcrop.c:8499. Incorrect updating of buffer size after rotateImage() in tiffcrop causes heap-buffer-overflow and SEGV. (CVE-2023-25433)

loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image. (CVE-2023-26965)

libtiff 4.5.0 is vulnerable to Buffer Overflow in uv_encode() when libtiff reads a corrupted little-endian TIFF file and specifies the output to be big-endian. (CVE-2023-26966)

References:
- https://bugs.mageia.org/show_bug.cgi?id=32117
- https://ubuntu.com/security/notices/USN-6229-1
- https://www.cve.org/CVERecord?id=CVE-2023-2908
- https://www.cve.org/CVERecord?id=CVE-2023-3316
- https://www.cve.org/CVERecord?id=CVE-2023-3618
- https://www.cve.org/CVERecord?id=CVE-2023-25433
- https://www.cve.org/CVERecord?id=CVE-2023-26965
- https://www.cve.org/CVERecord?id=CVE-2023-26966

SRPMS:
- 9/core/libtiff-4.5.1-1.mga9
Package        : hiredis
Version        : 0.11.0-4+deb8u1
CVE ID         : CVE-2020-7105
Debian Bug     : #949995

It was discovered that there were a large number of NULL pointer dereferences due to unchecked return values from malloc and friends in hiredis, a minimalistic C client library.

For Debian 8 "Jessie", these issues have been fixed in hiredis version 0.11.0-4+deb8u1.

We recommend that you upgrade your hiredis packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

Regards,

Chris Lamb