openSUSE Security Update: Security update for ceph
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2021:0833-1
Rating:             important
References:         #1185619 #1186020 #1186021
Cross-References:   CVE-2021-3509 CVE-2021-3524 CVE-2021-3531
CVSS scores:
                    CVE-2021-3509 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2021-3524 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
                    CVE-2021-3524 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
                    CVE-2021-3531 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
                    CVE-2021-3531 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
                    openSUSE Leap 15.2
______________________________________________________________________________

An update that fixes three vulnerabilities is now available.

Description:

This update for ceph fixes the following issues:

- Update to 15.2.12-83-g528da226523:
  - (CVE-2021-3509) fix cookie injection issue (bsc#1186021)
  - (CVE-2021-3531) RGWSwiftWebsiteHandler::is_web_dir checks empty subdir_name (bsc#1186020)
  - (CVE-2021-3524) sanitize \r in s3 CORSConfiguration's ExposeHeader (bsc#1185619)

This update was imported from the SUSE:SLE-15-SP2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:
  zypper in -t patch openSUSE-2021-833=1

Package List:

- openSUSE Leap 15.2 (noarch):
  ceph-grafana-dashboards-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-mgr-cephadm-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-mgr-dashboard-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-mgr-diskprediction-cloud-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-mgr-diskprediction-local-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-mgr-k8sevents-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-mgr-modules-core-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-mgr-rook-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-prometheus-alerts-15.2.12.83+g528da226523-lp152.2.18.1
  cephadm-15.2.12.83+g528da226523-lp152.2.18.1

- openSUSE Leap 15.2 (x86_64):
  ceph-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-base-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-base-debuginfo-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-common-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-common-debuginfo-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-debugsource-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-fuse-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-fuse-debuginfo-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-immutable-object-cache-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-immutable-object-cache-debuginfo-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-mds-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-mds-debuginfo-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-mgr-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-mgr-debuginfo-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-mon-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-mon-debuginfo-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-osd-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-osd-debuginfo-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-radosgw-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-radosgw-debuginfo-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-test-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-test-debuginfo-15.2.12.83+g528da226523-lp152.2.18.1
  ceph-test-debugsource-15.2.12.83+g528da226523-lp152.2.18.1
  cephfs-shell-15.2.12.83+g528da226523-lp152.2.18.1
  libcephfs-devel-15.2.12.83+g528da226523-lp152.2.18.1
  libcephfs2-15.2.12.83+g528da226523-lp152.2.18.1
  libcephfs2-debuginfo-15.2.12.83+g528da226523-lp152.2.18.1
  librados-devel-15.2.12.83+g528da226523-lp152.2.18.1
  librados-devel-debuginfo-15.2.12.83+g528da226523-lp152.2.18.1
  librados2-15.2.12.83+g528da226523-lp152.2.18.1
  librados2-debuginfo-15.2.12.83+g528da226523-lp152.2.18.1
  libradospp-devel-15.2.12.83+g528da226523-lp152.2.18.1
  librbd-devel-15.2.12.83+g528da226523-lp152.2.18.1
  librbd1-15.2.12.83+g528da226523-lp152.2.18.1
  librbd1-debuginfo-15.2.12.83+g528da226523-lp152.2.18.1
  librgw-devel-15.2.12.83+g528da226523-lp152.2.18.1
  librgw2-15.2.12.83+g528da226523-lp152.2.18.1
  librgw2-debuginfo-15.2.12.83+g528da226523-lp152.2.18.1
  python3-ceph-argparse-15.2.12.83+g528da226523-lp152.2.18.1
  python3-ceph-common-15.2.12.83+g528da226523-lp152.2.18.1
  python3-cephfs-15.2.12.83+g528da226523-lp152.2.18.1
  python3-cephfs-debuginfo-15.2.12.83+g528da226523-lp152.2.18.1
  python3-rados-15.2.12.83+g528da226523-lp152.2.18.1
  python3-rados-debuginfo-15.2.12.83+g528da226523-lp152.2.18.1
  python3-rbd-15.2.12.83+g528da226523-lp152.2.18.1
  python3-rbd-debuginfo-15.2.12.83+g528da226523-lp152.2.18.1
  python3-rgw-15.2.12.83+g528da226523-lp152.2.18.1
  python3-rgw-debuginfo-15.2.12.83+g528da226523-lp152.2.18.1
  rados-objclass-devel-15.2.12.83+g528da226523-lp152.2.18.1
  rbd-fuse-15.2.12.83+g528da226523-lp152.2.18.1
  rbd-fuse-debuginfo-15.2.12.83+g528da226523-lp152.2.18.1
  rbd-mirror-15.2.12.83+g528da226523-lp152.2.18.1
  rbd-mirror-debuginfo-15.2.12.83+g528da226523-lp152.2.18.1
  rbd-nbd-15.2.12.83+g528da226523-lp152.2.18.1
  rbd-nbd-debuginfo-15.2.12.83+g528da226523-lp152.2.18.1

References:

https://www.suse.com/security/cve/CVE-2021-3509.html
https://www.suse.com/security/cve/CVE-2021-3524.html
https://www.suse.com/security/cve/CVE-2021-3531.html
https://bugzilla.suse.com/1185619
https://bugzilla.suse.com/1186020
https://bugzilla.suse.com/1186021

Severity: Important. LinuxSecurity.com Team
# Security update for mercurial

Announcement ID: SUSE-SU-2025:1054-1
Release Date: 2025-03-28T16:55:02Z
Rating: important
References:

* bsc#1239685

Cross-References:

* CVE-2025-2361

CVSS scores:

* CVE-2025-2361 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L
* CVE-2025-2361 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
* CVE-2025-2361 ( NVD ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-2361 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.4
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for mercurial fixes the following issues:

* CVE-2025-2361: Fixed improper sanitization of user-controlled input passed via the cmd parameter in the Mercurial SCM Web Interface (bsc#1239685)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2025-1054=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2025-1054=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-1054=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1054=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1054=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1054=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1054=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1054=1
* SUSE Linux Enterprise Server 15 SP5 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1054=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1054=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1054=1
* SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-1054=1
* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2025-1054=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-1054=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * mercurial-5.9.1-150400.3.6.1
  * mercurial-tests-5.9.1-150400.3.6.1
  * mercurial-debuginfo-5.9.1-150400.3.6.1
  * mercurial-debugsource-5.9.1-150400.3.6.1
* openSUSE Leap 15.4 (noarch)
  * mercurial-lang-5.9.1-150400.3.6.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * mercurial-5.9.1-150400.3.6.1
  * mercurial-tests-5.9.1-150400.3.6.1
  * mercurial-debuginfo-5.9.1-150400.3.6.1
  * mercurial-debugsource-5.9.1-150400.3.6.1
* openSUSE Leap 15.6 (noarch)
  * mercurial-lang-5.9.1-150400.3.6.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * mercurial-5.9.1-150400.3.6.1
  * mercurial-debuginfo-5.9.1-150400.3.6.1
  * mercurial-debugsource-5.9.1-150400.3.6.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * mercurial-5.9.1-150400.3.6.1
  * mercurial-debuginfo-5.9.1-150400.3.6.1
  * mercurial-debugsource-5.9.1-150400.3.6.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * mercurial-5.9.1-150400.3.6.1
  * mercurial-debuginfo-5.9.1-150400.3.6.1
  * mercurial-debugsource-5.9.1-150400.3.6.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
  * mercurial-5.9.1-150400.3.6.1
  * mercurial-debuginfo-5.9.1-150400.3.6.1
  * mercurial-debugsource-5.9.1-150400.3.6.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
  * mercurial-5.9.1-150400.3.6.1
  * mercurial-debuginfo-5.9.1-150400.3.6.1
  * mercurial-debugsource-5.9.1-150400.3.6.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
  * mercurial-5.9.1-150400.3.6.1
  * mercurial-debuginfo-5.9.1-150400.3.6.1
  * mercurial-debugsource-5.9.1-150400.3.6.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * mercurial-5.9.1-150400.3.6.1
  * mercurial-debuginfo-5.9.1-150400.3.6.1
  * mercurial-debugsource-5.9.1-150400.3.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * mercurial-5.9.1-150400.3.6.1
  * mercurial-debuginfo-5.9.1-150400.3.6.1
  * mercurial-debugsource-5.9.1-150400.3.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
  * mercurial-5.9.1-150400.3.6.1
  * mercurial-debuginfo-5.9.1-150400.3.6.1
  * mercurial-debugsource-5.9.1-150400.3.6.1
* SUSE Manager Proxy 4.3 (x86_64)
  * mercurial-5.9.1-150400.3.6.1
  * mercurial-debuginfo-5.9.1-150400.3.6.1
  * mercurial-debugsource-5.9.1-150400.3.6.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
  * mercurial-5.9.1-150400.3.6.1
  * mercurial-debuginfo-5.9.1-150400.3.6.1
  * mercurial-debugsource-5.9.1-150400.3.6.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
  * mercurial-5.9.1-150400.3.6.1
  * mercurial-debuginfo-5.9.1-150400.3.6.1
  * mercurial-debugsource-5.9.1-150400.3.6.1

## References:

* https://www.suse.com/security/cve/CVE-2025-2361.html
* https://bugzilla.suse.com/show_bug.cgi?id=1239685
# Security update for kubernetes1.23

Announcement ID: SUSE-SU-2024:2858-1
Rating: moderate
References:

* bsc#1194400

Cross-References:

* CVE-2021-25743

CVSS scores:

* CVE-2021-25743 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2021-25743 ( NVD ): 3.0 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N

Affected Products:

* Containers Module 15-SP5
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for kubernetes1.23 fixes the following issues:

* CVE-2021-25743: Fixed sanitization of escape, meta and control sequences in raw data before it is written to the terminal (bsc#1194400)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2024-2858=1 openSUSE-SLE-15.5-2024-2858=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-2858=1
* Containers Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-2858=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * kubernetes1.23-proxy-1.23.17-150500.3.15.1
  * kubernetes1.23-scheduler-1.23.17-150500.3.15.1
  * kubernetes1.23-client-1.23.17-150500.3.15.1
  * kubernetes1.23-apiserver-1.23.17-150500.3.15.1
  * kubernetes1.23-controller-manager-1.23.17-150500.3.15.1
  * kubernetes1.23-client-common-1.23.17-150500.3.15.1
  * kubernetes1.23-kubeadm-1.23.17-150500.3.15.1
  * kubernetes1.23-kubelet-common-1.23.17-150500.3.15.1
  * kubernetes1.23-kubelet-1.23.17-150500.3.15.1
* openSUSE Leap 15.5 (noarch)
  * kubernetes1.23-client-fish-completion-1.23.17-150500.3.15.1
  * kubernetes1.23-client-bash-completion-1.23.17-150500.3.15.1
* openSUSE Leap 15.5 (ppc64le)
  * kubernetes1.23-controller-manager-debuginfo-1.23.17-150500.3.15.1
  * kubernetes1.23-kubeadm-debuginfo-1.23.17-150500.3.15.1
  * kubernetes1.23-apiserver-debuginfo-1.23.17-150500.3.15.1
  * kubernetes1.23-scheduler-debuginfo-1.23.17-150500.3.15.1
  * kubernetes1.23-client-debuginfo-1.23.17-150500.3.15.1
  * kubernetes1.23-kubelet-debuginfo-1.23.17-150500.3.15.1
  * kubernetes1.23-proxy-debuginfo-1.23.17-150500.3.15.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * kubernetes1.23-proxy-1.23.17-150500.3.15.1
  * kubernetes1.23-scheduler-1.23.17-150500.3.15.1
  * kubernetes1.23-client-1.23.17-150500.3.15.1
  * kubernetes1.23-apiserver-1.23.17-150500.3.15.1
  * kubernetes1.23-controller-manager-1.23.17-150500.3.15.1
  * kubernetes1.23-client-common-1.23.17-150500.3.15.1
  * kubernetes1.23-kubeadm-1.23.17-150500.3.15.1
  * kubernetes1.23-kubelet-common-1.23.17-150500.3.15.1
  * kubernetes1.23-kubelet-1.23.17-150500.3.15.1
* openSUSE Leap 15.6 (noarch)
  * kubernetes1.23-client-fish-completion-1.23.17-150500.3.15.1
  * kubernetes1.23-client-bash-completion-1.23.17-150500.3.15.1
* openSUSE Leap 15.6 (ppc64le)
  * kubernetes1.23-controller-manager-debuginfo-1.23.17-150500.3.15.1
  * kubernetes1.23-kubeadm-debuginfo-1.23.17-150500.3.15.1
  * kubernetes1.23-apiserver-debuginfo-1.23.17-150500.3.15.1
  * kubernetes1.23-scheduler-debuginfo-1.23.17-150500.3.15.1
  * kubernetes1.23-client-debuginfo-1.23.17-150500.3.15.1
  * kubernetes1.23-kubelet-debuginfo-1.23.17-150500.3.15.1
  * kubernetes1.23-proxy-debuginfo-1.23.17-150500.3.15.1
* Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * kubernetes1.23-client-1.23.17-150500.3.15.1
  * kubernetes1.23-client-common-1.23.17-150500.3.15.1
* Containers Module 15-SP5 (ppc64le)
  * kubernetes1.23-client-debuginfo-1.23.17-150500.3.15.1

## References:

* https://www.suse.com/security/cve/CVE-2021-25743.html
* https://bugzilla.suse.com/show_bug.cgi?id=1194400
# Security update for kubernetes1.24

Announcement ID: SUSE-SU-2024:2859-1
Rating: moderate
References:

* bsc#1194400

Cross-References:

* CVE-2021-25743

CVSS scores:

* CVE-2021-25743 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2021-25743 ( NVD ): 3.0 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N

Affected Products:

* Containers Module 15-SP5
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for kubernetes1.24 fixes the following issues:

* CVE-2021-25743: Fixed sanitization of escape, meta and control sequences in raw data before it is written to the terminal (bsc#1194400)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-2859=1 SUSE-2024-2859=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-2859=1
* Containers Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-2859=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * kubernetes1.24-client-common-1.24.17-150500.3.19.1
  * kubernetes1.24-proxy-1.24.17-150500.3.19.1
  * kubernetes1.24-kubelet-1.24.17-150500.3.19.1
  * kubernetes1.24-scheduler-1.24.17-150500.3.19.1
  * kubernetes1.24-controller-manager-1.24.17-150500.3.19.1
  * kubernetes1.24-client-1.24.17-150500.3.19.1
  * kubernetes1.24-kubeadm-1.24.17-150500.3.19.1
  * kubernetes1.24-kubelet-common-1.24.17-150500.3.19.1
  * kubernetes1.24-apiserver-1.24.17-150500.3.19.1
* openSUSE Leap 15.5 (noarch)
  * kubernetes1.24-client-bash-completion-1.24.17-150500.3.19.1
  * kubernetes1.24-client-fish-completion-1.24.17-150500.3.19.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * kubernetes1.24-client-common-1.24.17-150500.3.19.1
  * kubernetes1.24-proxy-1.24.17-150500.3.19.1
  * kubernetes1.24-kubelet-1.24.17-150500.3.19.1
  * kubernetes1.24-scheduler-1.24.17-150500.3.19.1
  * kubernetes1.24-controller-manager-1.24.17-150500.3.19.1
  * kubernetes1.24-client-1.24.17-150500.3.19.1
  * kubernetes1.24-kubeadm-1.24.17-150500.3.19.1
  * kubernetes1.24-kubelet-common-1.24.17-150500.3.19.1
  * kubernetes1.24-apiserver-1.24.17-150500.3.19.1
* openSUSE Leap 15.6 (noarch)
  * kubernetes1.24-client-bash-completion-1.24.17-150500.3.19.1
  * kubernetes1.24-client-fish-completion-1.24.17-150500.3.19.1
* Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * kubernetes1.24-client-common-1.24.17-150500.3.19.1
  * kubernetes1.24-client-1.24.17-150500.3.19.1

## References:

* https://www.suse.com/security/cve/CVE-2021-25743.html
* https://bugzilla.suse.com/show_bug.cgi?id=1194400
# Security update for go1.20-openssl

Announcement ID: SUSE-SU-2023:3002-1
Rating: moderate
References:

* #1206346
* #1213229

Cross-References:

* CVE-2023-29406

CVSS scores:

* CVE-2023-29406 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2023-29406 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Affected Products:

* Development Tools Module 15-SP4
* Development Tools Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability and has one fix can now be installed.

## Description:

This update for go1.20-openssl fixes the following issues:

Update to version 1.20.6.1 (bsc#1206346):

* CVE-2023-29406: Fixed insufficient sanitization of Host header (bsc#1213229).

## Patch Instructions:

To install this SUSE Moderate update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch openSUSE-SLE-15.4-2023-3002=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2023-3002=1
* Development Tools Module 15-SP4
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2023-3002=1
* Development Tools Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2023-3002=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
  * go1.20-openssl-debuginfo-1.20.6.1-150000.1.8.1
  * go1.20-openssl-1.20.6.1-150000.1.8.1
  * go1.20-openssl-doc-1.20.6.1-150000.1.8.1
  * go1.20-openssl-race-1.20.6.1-150000.1.8.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * go1.20-openssl-debuginfo-1.20.6.1-150000.1.8.1
  * go1.20-openssl-1.20.6.1-150000.1.8.1
  * go1.20-openssl-doc-1.20.6.1-150000.1.8.1
  * go1.20-openssl-race-1.20.6.1-150000.1.8.1
* Development Tools Module 15-SP4 (aarch64 ppc64le s390x x86_64)
  * go1.20-openssl-debuginfo-1.20.6.1-150000.1.8.1
  * go1.20-openssl-1.20.6.1-150000.1.8.1
  * go1.20-openssl-doc-1.20.6.1-150000.1.8.1
  * go1.20-openssl-race-1.20.6.1-150000.1.8.1
* Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * go1.20-openssl-debuginfo-1.20.6.1-150000.1.8.1
  * go1.20-openssl-1.20.6.1-150000.1.8.1
  * go1.20-openssl-doc-1.20.6.1-150000.1.8.1
  * go1.20-openssl-race-1.20.6.1-150000.1.8.1

## References:

* https://www.suse.com/security/cve/CVE-2023-29406.html
* https://bugzilla.suse.com/show_bug.cgi?id=1206346
* https://bugzilla.suse.com/show_bug.cgi?id=1213229
-------------------------------------------------------------------------
Debian LTS Advisory DLA-3193-2

It was discovered that joblib did not completely sanitize arguments to pre_dispatch, allowing arbitrary code execution. The earlier attempt via DLA-3193-1 was incomplete.
SUSE Security Update: Security update for python3
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:0882-1
Rating:             moderate
References:         #1194146 #1195396
Cross-References:   CVE-2021-4189 CVE-2022-0391
CVSS scores:
                    CVE-2021-4189 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
                    CVE-2022-0391 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
                    CVE-2022-0391 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Affected Products:
                    SUSE Linux Enterprise High Performance Computing 12
                    SUSE Linux Enterprise Module for Web Scripting 12
                    SUSE Linux Enterprise Server 12
                    SUSE Linux Enterprise Server 12-SP3
                    SUSE Linux Enterprise Server 12-SP4
                    SUSE Linux Enterprise Server 12-SP5
                    SUSE Linux Enterprise Server for SAP Applications 12
                    SUSE Linux Enterprise Server for SAP Applications 12-SP3
                    SUSE Linux Enterprise Server for SAP Applications 12-SP4
                    SUSE Linux Enterprise Server for SAP Applications 12-SP5
                    SUSE Linux Enterprise Software Development Kit 12-SP5
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for python3 fixes the following issues:

- CVE-2021-4189: Fixed default access from PASV response in the FTP client (bsc#1194146).
- CVE-2022-0391: Fixed sanitizing of URLs containing ASCII newline and tabs in urlparse (bsc#1195396).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 12-SP5:
  zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-882=1
- SUSE Linux Enterprise Server 12-SP5:
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-882=1
- SUSE Linux Enterprise Module for Web Scripting 12:
  zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2022-882=1

Package List:

- SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64):
  python3-base-debuginfo-3.4.10-25.85.1
  python3-base-debugsource-3.4.10-25.85.1
  python3-dbm-3.4.10-25.85.2
  python3-dbm-debuginfo-3.4.10-25.85.2
  python3-debuginfo-3.4.10-25.85.2
  python3-debugsource-3.4.10-25.85.2
  python3-devel-3.4.10-25.85.1

- SUSE Linux Enterprise Software Development Kit 12-SP5 (ppc64le s390x x86_64):
  python3-devel-debuginfo-3.4.10-25.85.1

- SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):
  libpython3_4m1_0-3.4.10-25.85.1
  libpython3_4m1_0-debuginfo-3.4.10-25.85.1
  python3-3.4.10-25.85.2
  python3-base-3.4.10-25.85.1
  python3-base-debuginfo-3.4.10-25.85.1
  python3-base-debugsource-3.4.10-25.85.1
  python3-curses-3.4.10-25.85.2
  python3-curses-debuginfo-3.4.10-25.85.2
  python3-debuginfo-3.4.10-25.85.2
  python3-debugsource-3.4.10-25.85.2
  python3-devel-3.4.10-25.85.1
  python3-tk-3.4.10-25.85.2
  python3-tk-debuginfo-3.4.10-25.85.2

- SUSE Linux Enterprise Server 12-SP5 (ppc64le s390x x86_64):
  python3-devel-debuginfo-3.4.10-25.85.1

- SUSE Linux Enterprise Server 12-SP5 (s390x x86_64):
  libpython3_4m1_0-32bit-3.4.10-25.85.1
  libpython3_4m1_0-debuginfo-32bit-3.4.10-25.85.1
  python3-base-debuginfo-32bit-3.4.10-25.85.1

- SUSE Linux Enterprise Module for Web Scripting 12 (aarch64 ppc64le s390x x86_64):
  libpython3_4m1_0-3.4.10-25.85.1
  libpython3_4m1_0-debuginfo-3.4.10-25.85.1
  python3-3.4.10-25.85.2
  python3-base-3.4.10-25.85.1
  python3-base-debuginfo-3.4.10-25.85.1
  python3-base-debugsource-3.4.10-25.85.1
  python3-curses-3.4.10-25.85.2
  python3-debuginfo-3.4.10-25.85.2
  python3-debugsource-3.4.10-25.85.2

References:

https://www.suse.com/security/cve/CVE-2021-4189.html
https://www.suse.com/security/cve/CVE-2022-0391.html
https://bugzilla.suse.com/1194146
https://bugzilla.suse.com/1195396
MGASA-2021-0010 - Updated squirrelmail packages fix security vulnerabilities

Publication date: 08 Jan 2021
URL: https://advisories.mageia.org/MGASA-2021-0010.html
Type: security
Affected Mageia releases: 7
CVE: CVE-2019-12970

XSS was discovered in SquirrelMail through 1.4.22. Due to improper handling of RCDATA and RAWTEXT type elements, the built-in sanitization mechanism can be bypassed. Malicious script content from HTML e-mail can be executed within the application context via crafted use of (for example) a NOEMBED, NOFRAMES, NOSCRIPT, or TEXTAREA element.

An unsafe use of unserialize() in compose.php has also been fixed.

References:
- https://bugs.mageia.org/show_bug.cgi?id=27821
- https://www.openwall.com/lists/oss-security/2020/06/20/1
- https://ubuntu.com/security/notices/USN-4669-1
- https://www.cve.org/CVERecord?id=CVE-2019-12970

SRPMS:
- 7/core/squirrelmail-1.4.23-0.svn20201220_0200.1.mga7