Alerts This Week
Warning Icon 1 664
Alerts This Week
Warning Icon 1 664

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 3 articles for you...
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisorysanitization issueMageia

Mageia 9: Critical Security Fixes for php-tcpdf in Update 2025-0059

An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute. (CVE-2024-56519) An issue was discovered in TCPDF before 6.8.0. If libcurl is used, CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely. (CVE-2024-56521) . MGASA-2025-0059 - Updated php-tcpdf packages fix security vulnerabilities Publication date: 12 Feb 2025 URL: https://advisories.mageia.org/MGASA-2025-0059.html Type: security Affected Mageia releases: 9 CVE: CVE-2024-56519, CVE-2024-56521, CVE-2024-56522, CVE-2024-56527 An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute. (CVE-2024-56519) An issue was discovered in TCPDF before 6.8.0. If libcurl is used, CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely. (CVE-2024-56521) An issue was discovered in TCPDF before 6.8.0. unserializeTCPDFtag uses != (aka loose comparison) and does not use a constant-time function to compare TCPDF tag hashes. (CVE-2024-56522) An issue was discovered in TCPDF before 6.8.0. The Error function lacks an htmlspecialchars call for the error message. (CVE-2024-56527) References: - https://bugs.mageia.org/show_bug.cgi?id=33898 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./message/ZX3ABLKKEVGN4M4BBUJFPBNWW5SHP7J3/ - https://www.cve.org/CVERecord?id=CVE-2024-56519 - https://www.cve.org/CVERecord?id=CVE-2024-56521 - https://www.cve.org/CVERecord?id=CVE-2024-56522 - https://www.cve.org/CVERecord?id=CVE-2024-56527 SRPMS: - 9/core/php-tcpdf-6.5.0-1.3.mga9 . MGASA-2025-0060 revised php-mpdf components resolve security flaws for Mageia users concerning identified vulnerabilities.. php-tcpdf, Mageia security, vulnerability fixes. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Feb 12, 2025 Critical Mageia
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorymoderatesanitization issue

SUSE: 2022:4075-1 Moderate: rubygem-loofah Sanitization Issue

An update that fixes two vulnerabilities is now available. . SUSE Security Update: Security update for rubygem-loofah ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:4075-1 Rating: moderate References: #1154751 Cross-References: CVE-2018-8048 CVE-2019-15587 CVSS scores: CVE-2018-8048 (NVD) : 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVE-2018-8048 (SUSE): 5.4 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N CVE-2019-15587 (NVD) : 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2019-15587 (SUSE): 6.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Affected Products: SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for rubygem-loofah fixes the following issues: - CVE-2019-15587: Fixed issue in sanitization of crafted SVG elements (bsc#1154751). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Crowbar 9: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2022-4075=1 - SUSE OpenStack Cloud Crowbar 8: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2022-4075=1 Package List: - SUSE OpenStack Cloud Crowbar 9 (x86_64): ruby2.1-rubygem-loofah-2.0.2-3.11.1 - SUSE OpenStack Cloud Crowbar 8 (x86_64): ruby2.1-rubygem-loofah-2.0.2-3.11.1 References: https://www.suse.com/security/cve/CVE-2018-8048.html https://www.suse.com/security/cve/CVE-2019-15587.html https://bugzilla.suse.com/1154751 . An update for rubygem-loofah has been released to rectify two criticalvulnerabilities regarding sanitization and enhance overall product safety. Urgent implementation is advised.. SUSE Update,rubygem-loofah Patch,Software Security Fix. . LinuxSecurity.com Team

Calendar 2 Nov 18, 2022 SuSE
Banner 4 1028x280 1708121825 1771600306
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorymoderateupdate

SUSE: 2022:5237-2 Important: RubyGem-Nokogiri Vulnerability Alert

An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for rubygem-loofah ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:3868-1 Rating: moderate References: #1154751 Cross-References: CVE-2019-15587 CVSS scores: CVE-2019-15587 (NVD) : 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVE-2019-15587 (SUSE): 6.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Affected Products: SUSE Linux Enterprise High Availability 15 SUSE Linux Enterprise High Availability 15-SP1 SUSE Linux Enterprise High Availability 15-SP2 SUSE Linux Enterprise High Availability 15-SP3 SUSE Linux Enterprise High Availability 15-SP4 SUSE Linux Enterprise High Performance Computing 15 SUSE Linux Enterprise High Performance Computing 15-SP1 SUSE Linux Enterprise High Performance Computing 15-SP2 SUSE Linux Enterprise High Performance Computing 15-SP3 SUSE Linux Enterprise High Performance Computing 15-SP4 SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server 15-SP1 SUSE Linux Enterprise Server 15-SP2 SUSE Linux Enterprise Server 15-SP3 SUSE Linux Enterprise Server 15-SP4 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for SAP Applications 15-SP1 SUSE Linux Enterprise Server for SAP Applications 15-SP2 SUSE Linux Enterprise Server for SAP Applications 15-SP3 SUSE Linux Enterprise Server for SAP Applications 15-SP4 SUSE Linux Enterprise Storage 6 SUSE Linux Enterprise Storage 7 SUSELinux Enterprise Storage 7.1 SUSE Manager Proxy 4.0 SUSE Manager Proxy 4.1 SUSE Manager Proxy 4.2 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.0 SUSE Manager Retail Branch Server 4.1 SUSE Manager Retail Branch Server 4.2 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.0 SUSE Manager Server 4.1 SUSE Manager Server 4.2 SUSE Manager Server 4.3 openSUSE Leap 15.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for rubygem-loofah fixes the following issues: - CVE-2019-15587: Fixed issue in sanitization of crafted SVG elements (bsc#1154751). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-3868=1 - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-3868=1 - SUSE Linux Enterprise High Availability 15-SP4: zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2022-3868=1 - SUSE Linux Enterprise High Availability 15-SP3: zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2022-3868=1 - SUSE Linux Enterprise High Availability 15-SP2: zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2022-3868=1 - SUSE Linux Enterprise High Availability 15-SP1: zypper in -t patch SUSE-SLE-Product-HA-15-SP1-2022-3868=1 - SUSE Linux Enterprise High Availability 15: zypper in -t patch SUSE-SLE-Product-HA-15-2022-3868=1 Package List: - openSUSE Leap 15.4 (aarch64 ppc64le s390xx86_64): ruby2.5-rubygem-loofah-2.2.2-150000.4.6.1 ruby2.5-rubygem-loofah-doc-2.2.2-150000.4.6.1 ruby2.5-rubygem-loofah-testsuite-2.2.2-150000.4.6.1 - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): ruby2.5-rubygem-loofah-2.2.2-150000.4.6.1 ruby2.5-rubygem-loofah-doc-2.2.2-150000.4.6.1 ruby2.5-rubygem-loofah-testsuite-2.2.2-150000.4.6.1 - SUSE Linux Enterprise High Availability 15-SP4 (aarch64 ppc64le s390x x86_64): ruby2.5-rubygem-loofah-2.2.2-150000.4.6.1 - SUSE Linux Enterprise High Availability 15-SP3 (aarch64 ppc64le s390x x86_64): ruby2.5-rubygem-loofah-2.2.2-150000.4.6.1 - SUSE Linux Enterprise High Availability 15-SP2 (aarch64 ppc64le s390x x86_64): ruby2.5-rubygem-loofah-2.2.2-150000.4.6.1 - SUSE Linux Enterprise High Availability 15-SP1 (aarch64 ppc64le s390x x86_64): ruby2.5-rubygem-loofah-2.2.2-150000.4.6.1 - SUSE Linux Enterprise High Availability 15 (aarch64 ppc64le s390x x86_64): ruby2.5-rubygem-loofah-2.2.2-150000.4.6.1 References: https://www.suse.com/security/cve/CVE-2019-15587.html https://bugzilla.suse.com/1154751 . SUSE Security Notice for rubygem-nokogiri (SUSE-SU-2022:3869-1) addresses a critical XML parsing vulnerability.. SUSE Security Update,rubygem-loofah,moderate security fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Nov 04, 2022 Important SuSE
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorymoderatepackage update

SUSE: 2022:2752-1 Moderate: python-codecov Sanitization Issue

An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for python-codecov ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:2752-1 Rating: moderate References: #1201494 Cross-References: CVE-2019-10800 CVSS scores: CVE-2019-10800 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Leap 15.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for python-codecov fixes the following issues: - CVE-2019-10800: Fixed sanitization of gcov arguments before being being provided to the popen method (bsc#1201494). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-2752=1 - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-2752=1 Package List: - openSUSE Leap 15.4 (noarch): python3-codecov-2.0.15-150100.3.3.1 - openSUSE Leap 15.3 (noarch): python2-codecov-2.0.15-150100.3.3.1 python3-codecov-2.0.15-150100.3.3.1 References: https://www.suse.com/security/cve/CVE-2019-10800.html https://bugzilla.suse.com/1201494 . SUSE has released a security patch for python-codecov, resolving a moderate vulnerability related to input sanitization identified as CVE-2019-10800.. openSUSE security patch, python-codecov update, security vulnerabilities. . LinuxSecurity.com Team

Calendar 2 Aug 10, 2022 SuSE
Banner 4 1028x280 1708121825 1771600306
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoracritical patch

Fedora 35: 2022-cece1d07d9 Critical: Python3.6 Sanitization Problem

Security fix for CVE-2015-20107. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-cece1d07d9 2022-06-19 00:50:44.344958 --------------------------------------------------------------------------------Name : python3.6 Product : Fedora 35 Version : 3.6.15 Release : 3.fc35 URL : https://www.python.org/ Summary : Version 3.6 of the Python interpreter Description : Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software Collections or older Fedora releases. --------------------------------------------------------------------------------Update Information: Security fix for CVE-2015-20107 --------------------------------------------------------------------------------ChangeLog: * Fri Jun 10 2022 Charalampos Stratakis - 3.6.15-3 - Security fix for CVE-2015-20107 Resolves: rhbz#2075390 --------------------------------------------------------------------------------References: [ 1 ] Bug #2076513 - CVE-2015-20107 python3.6: python(mailcap): findmatch() function does not sanitise the second argument [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2076513 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-cece1d07d9' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Urgent update for Fedora 35 Python 3.6 tackling CVE-2015-20108 highlights significant enhancements in code cleanliness.. Fedora Python Update, Python Security Fix, CVE-2015-20107 Patch. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jun 18, 2022 Critical Fedora
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorymoderateupdate

SUSE Linux Enterprise 2022:1140-1 Moderate: Python Security Fixes

An update that solves two vulnerabilities, contains one feature and has one errata is now available. . SUSE Security Update: Security update for python ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1140-1 Rating: moderate References: #1187784 #1194146 #1195396 SLE-18105 Cross-References: CVE-2021-4189 CVE-2022-0391 CVSS scores: CVE-2021-4189 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2022-0391 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2022-0391 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: SUSE Linux Enterprise Desktop 12-SP5 SUSE Linux Enterprise Server 12-SP4-LTSS SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Server for SAP 12-SP4 SUSE Linux Enterprise Server for SAP Applications 12-SP5 SUSE Linux Enterprise Workstation Extension 12-SP5 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 9 ______________________________________________________________________________ An update that solves two vulnerabilities, contains one feature and has one errata is now available. Description: This update for python rebuilds python against a symbol versioned openssl 1.0.2 to allow usage with openssl 1.1.1. Also the following security issues are fixed: - CVE-2022-0391: Fixed sanitizing URLs containing ASCII newline and tabs in urlparse (bsc#1195396). - CVE-2021-4189: Make ftplib not trust the PASV response (bsc#1194146). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Crowbar 9: zypper in -t patchSUSE-OpenStack-Cloud-Crowbar-9-2022-1140=1 - SUSE OpenStack Cloud 9: zypper in -t patch SUSE-OpenStack-Cloud-9-2022-1140=1 - SUSE Linux Enterprise Workstation Extension 12-SP5: zypper in -t patch SUSE-SLE-WE-12-SP5-2022-1140=1 - SUSE Linux Enterprise Server for SAP 12-SP4: zypper in -t patch SUSE-SLE-SAP-12-SP4-2022-1140=1 - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-1140=1 - SUSE Linux Enterprise Server 12-SP4-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2022-1140=1 Package List: - SUSE OpenStack Cloud Crowbar 9 (noarch): python-doc-2.7.18-33.8.1 python-doc-pdf-2.7.18-33.8.1 - SUSE OpenStack Cloud Crowbar 9 (x86_64): libpython2_7-1_0-2.7.18-33.8.1 libpython2_7-1_0-32bit-2.7.18-33.8.1 libpython2_7-1_0-debuginfo-2.7.18-33.8.1 libpython2_7-1_0-debuginfo-32bit-2.7.18-33.8.1 python-2.7.18-33.8.1 python-32bit-2.7.18-33.8.1 python-base-2.7.18-33.8.1 python-base-32bit-2.7.18-33.8.1 python-base-debuginfo-2.7.18-33.8.1 python-base-debuginfo-32bit-2.7.18-33.8.1 python-base-debugsource-2.7.18-33.8.1 python-curses-2.7.18-33.8.1 python-curses-debuginfo-2.7.18-33.8.1 python-debuginfo-2.7.18-33.8.1 python-debuginfo-32bit-2.7.18-33.8.1 python-debugsource-2.7.18-33.8.1 python-demo-2.7.18-33.8.1 python-devel-2.7.18-33.8.1 python-gdbm-2.7.18-33.8.1 python-gdbm-debuginfo-2.7.18-33.8.1 python-idle-2.7.18-33.8.1 python-tk-2.7.18-33.8.1 python-tk-debuginfo-2.7.18-33.8.1 python-xml-2.7.18-33.8.1 python-xml-debuginfo-2.7.18-33.8.1 - SUSE OpenStack Cloud 9 (x86_64): libpython2_7-1_0-2.7.18-33.8.1 libpython2_7-1_0-32bit-2.7.18-33.8.1 libpython2_7-1_0-debuginfo-2.7.18-33.8.1 libpython2_7-1_0-debuginfo-32bit-2.7.18-33.8.1 python-2.7.18-33.8.1 python-32bit-2.7.18-33.8.1 python-base-2.7.18-33.8.1 python-base-32bit-2.7.18-33.8.1 python-base-debuginfo-2.7.18-33.8.1 python-base-debuginfo-32bit-2.7.18-33.8.1 python-base-debugsource-2.7.18-33.8.1 python-curses-2.7.18-33.8.1 python-curses-debuginfo-2.7.18-33.8.1 python-debuginfo-2.7.18-33.8.1 python-debuginfo-32bit-2.7.18-33.8.1 python-debugsource-2.7.18-33.8.1 python-demo-2.7.18-33.8.1 python-devel-2.7.18-33.8.1 python-gdbm-2.7.18-33.8.1 python-gdbm-debuginfo-2.7.18-33.8.1 python-idle-2.7.18-33.8.1 python-tk-2.7.18-33.8.1 python-tk-debuginfo-2.7.18-33.8.1 python-xml-2.7.18-33.8.1 python-xml-debuginfo-2.7.18-33.8.1 - SUSE OpenStack Cloud 9 (noarch): python-doc-2.7.18-33.8.1 python-doc-pdf-2.7.18-33.8.1 - SUSE Linux Enterprise Workstation Extension 12-SP5 (x86_64): python-base-debuginfo-2.7.18-33.8.1 python-base-debugsource-2.7.18-33.8.1 python-devel-2.7.18-33.8.1 - SUSE Linux Enterprise Server for SAP 12-SP4 (ppc64le x86_64): libpython2_7-1_0-2.7.18-33.8.1 libpython2_7-1_0-debuginfo-2.7.18-33.8.1 python-2.7.18-33.8.1 python-base-2.7.18-33.8.1 python-base-debuginfo-2.7.18-33.8.1 python-base-debugsource-2.7.18-33.8.1 python-curses-2.7.18-33.8.1 python-curses-debuginfo-2.7.18-33.8.1 python-debuginfo-2.7.18-33.8.1 python-debugsource-2.7.18-33.8.1 python-demo-2.7.18-33.8.1 python-devel-2.7.18-33.8.1 python-gdbm-2.7.18-33.8.1 python-gdbm-debuginfo-2.7.18-33.8.1 python-idle-2.7.18-33.8.1 python-tk-2.7.18-33.8.1 python-tk-debuginfo-2.7.18-33.8.1 python-xml-2.7.18-33.8.1 python-xml-debuginfo-2.7.18-33.8.1 - SUSE Linux Enterprise Server for SAP 12-SP4 (noarch): python-doc-2.7.18-33.8.1 python-doc-pdf-2.7.18-33.8.1 - SUSE Linux Enterprise Server for SAP 12-SP4 (x86_64): libpython2_7-1_0-32bit-2.7.18-33.8.1 libpython2_7-1_0-debuginfo-32bit-2.7.18-33.8.1 python-32bit-2.7.18-33.8.1 python-base-32bit-2.7.18-33.8.1 python-base-debuginfo-32bit-2.7.18-33.8.1 python-debuginfo-32bit-2.7.18-33.8.1 - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): libpython2_7-1_0-2.7.18-33.8.1 libpython2_7-1_0-debuginfo-2.7.18-33.8.1 python-2.7.18-33.8.1 python-base-2.7.18-33.8.1 python-base-debuginfo-2.7.18-33.8.1 python-base-debugsource-2.7.18-33.8.1 python-curses-2.7.18-33.8.1 python-curses-debuginfo-2.7.18-33.8.1 python-debuginfo-2.7.18-33.8.1 python-debugsource-2.7.18-33.8.1 python-demo-2.7.18-33.8.1 python-devel-2.7.18-33.8.1 python-gdbm-2.7.18-33.8.1 python-gdbm-debuginfo-2.7.18-33.8.1 python-idle-2.7.18-33.8.1 python-tk-2.7.18-33.8.1 python-tk-debuginfo-2.7.18-33.8.1 python-xml-2.7.18-33.8.1 python-xml-debuginfo-2.7.18-33.8.1 - SUSE Linux Enterprise Server 12-SP5 (s390x x86_64): libpython2_7-1_0-32bit-2.7.18-33.8.1 libpython2_7-1_0-debuginfo-32bit-2.7.18-33.8.1 python-32bit-2.7.18-33.8.1 python-base-32bit-2.7.18-33.8.1 python-base-debuginfo-32bit-2.7.18-33.8.1 python-debuginfo-32bit-2.7.18-33.8.1 - SUSE Linux Enterprise Server 12-SP5 (noarch): python-doc-2.7.18-33.8.1 python-doc-pdf-2.7.18-33.8.1 - SUSE Linux Enterprise Server 12-SP4-LTSS (aarch64 ppc64le s390x x86_64): libpython2_7-1_0-2.7.18-33.8.1 libpython2_7-1_0-debuginfo-2.7.18-33.8.1 python-2.7.18-33.8.1 python-base-2.7.18-33.8.1 python-base-debuginfo-2.7.18-33.8.1 python-base-debugsource-2.7.18-33.8.1 python-curses-2.7.18-33.8.1 python-curses-debuginfo-2.7.18-33.8.1 python-debuginfo-2.7.18-33.8.1 python-debugsource-2.7.18-33.8.1 python-demo-2.7.18-33.8.1 python-devel-2.7.18-33.8.1 python-gdbm-2.7.18-33.8.1 python-gdbm-debuginfo-2.7.18-33.8.1 python-idle-2.7.18-33.8.1 python-tk-2.7.18-33.8.1 python-tk-debuginfo-2.7.18-33.8.1 python-xml-2.7.18-33.8.1 python-xml-debuginfo-2.7.18-33.8.1 - SUSE Linux Enterprise Server 12-SP4-LTSS (s390x x86_64): libpython2_7-1_0-32bit-2.7.18-33.8.1 libpython2_7-1_0-debuginfo-32bit-2.7.18-33.8.1 python-32bit-2.7.18-33.8.1 python-base-32bit-2.7.18-33.8.1 python-base-debuginfo-32bit-2.7.18-33.8.1 python-debuginfo-32bit-2.7.18-33.8.1 - SUSE Linux Enterprise Server 12-SP4-LTSS (noarch): python-doc-2.7.18-33.8.1 python-doc-pdf-2.7.18-33.8.1 References: https://www.suse.com/security/cve/CVE-2021-4189.html https://www.suse.com/security/cve/CVE-2022-0391.html https://bugzilla.suse.com/1187784 https://bugzilla.suse.com/1194146 https://bugzilla.suse.com/1195396 . SUSE has rolled out a security update targeting vulnerabilities in Python, strengthening overall system safety. Make sure to apply the necessary patches to reduce potential threats.. Python Security Update, SUSE Patch, Security Vulnerabilities. . LinuxSecurity.com Team

Calendar 2 Apr 08, 2022 SuSE
Banner 4 1028x280 1708121825 1771600306
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisorymoderateXSS

Mageia 7: MGASA-2021-0010 Moderate: SquirrelMail XSS Attack Risk

XSS was discovered in SquirrelMail through 1.4.22. Due to improper handling of RCDATA and RAWTEXT type elements, the built-in sanitization mechanism can be bypassed. Malicious script content from HTML e-mail can be executed within the application context via crafted use of (for example) a NOEMBED, NOFRAMES, NOSCRIPT, or TEXTAREA element (). . MGASA-2021-0010 - Updated squirrelmail packages fix security vulnerabilities Publication date: 08 Jan 2021 URL: https://advisories.mageia.org/MGASA-2021-0010.html Type: security Affected Mageia releases: 7 CVE: CVE-2019-12970 XSS was discovered in SquirrelMail through 1.4.22. Due to improper handling of RCDATA and RAWTEXT type elements, the built-in sanitization mechanism can be bypassed. Malicious script content from HTML e-mail can be executed within the application context via crafted use of (for example) a NOEMBED, NOFRAMES, NOSCRIPT, or TEXTAREA element (). An unsafe use of unserialize() in compose.php has also been fixed. References: - https://bugs.mageia.org/show_bug.cgi?id=27821 - https://www.openwall.com/lists/oss-security/2020/06/20/1 - https://ubuntu.com/security/notices/USN-4669-1 - https://www.cve.org/CVERecord?id=CVE-2019-12970 SRPMS: - 7/core/squirrelmail-1.4.23-0.svn20201220_0200.1.mga7 . Vulnerable code execution in SquirrelMail caused by input validation error. Patch available to address discovered security vulnerabilities promptly.. SquirrelMail Security,Mageia XSS,Mageia Security Patch,SquirrelMail Update,XSS Attack Prevention. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jan 08, 2021 Important Mageia
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorysoftware updateubuntu

Ubuntu 16.04 LTS: USN-4498-1 Critical Loofah XSS Security Advisory

Loofah could be made to perform XSS attacks if a crafted SVG element is republished. =========================================================================Ubuntu Security Notice USN-4498-1 September 15, 2020 ruby-loofah vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: Loofah could be made to perform XSS attacks if a crafted SVG element is republished Software Description: - ruby-loofah: manipulation and transformation of HTML/XML documents and fragments Details: It was discovered that Loofah does not properly sanitize JavaScript in sanitized output. An attacker could possibly use this issue to perform XSS attacks. (CVE-2019-15587) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: ruby-loofah 2.0.3-2+deb9u3build0.16.04.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-4498-1 CVE-2019-15587 Package Information: https://launchpad.net/ubuntu/+source/ruby-loofah/2.0.3-2+deb9u3build0.16.04.1 . The Ubuntu Security Notice USN-4500-1 highlights a vulnerability in the OpenSSL library that could potentially permit remote code execution via malformed Cert files.. Loofah Security, XSS Attack Ubuntu, Ruby Sanitization Issue. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 15, 2020 Critical Ubuntu
Banner 4 1028x280 1708121825 1771600306
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here