--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-0cc929ff17
2025-12-04 00:51:14.440721+00:00
--------------------------------------------------------------------------------
Name        : kf6-knotifications
Product     : Fedora 43
Version     : 6.20.0
Release     : 2.fc43
URL         : https://invent.kde.org/frameworks/knotifications
Summary     : KDE Frameworks 6 Tier 2 solution with abstraction for system notifications
Description :
KDE Frameworks 6 Tier 3 solution with abstraction for system notifications.
--------------------------------------------------------------------------------
Update Information:

PySide6 6.10.1 update. PySide6 6.10.1 release. Rebuilt with stb_image patched
for two new security bugs.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Dec  2 2025 Jan Grulich - 6.20.0-2
- Rebuild (python-pyside6)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2400455 - python-pyside6-6.10.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2400455
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-0cc929ff17' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-0cc929ff17
2025-12-04 00:51:14.440721+00:00
--------------------------------------------------------------------------------
Name        : python-pyside6
Product     : Fedora 43
Version     : 6.10.1
Release     : 2.fc43
URL         : https://wiki.qt.io/Qt_for_Python
Summary     : Python bindings for the Qt 6 cross-platform application and UI framework
Description :
PySide6 is the official Python module from the Qt for Python project, which
provides access to the complete Qt 6+ framework.
--------------------------------------------------------------------------------
Update Information:

PySide6 6.10.1 update. PySide6 6.10.1 release. Rebuilt with stb_image patched
for two new security bugs.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Dec  2 2025 Jan Grulich - 6.10.1-2
- Fix cmake config files
* Mon Dec  1 2025 Jan Grulich - 6.10.1-1
- 6.10.1
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2400455 - python-pyside6-6.10.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2400455
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-0cc929ff17' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2025:02852-1
Release Date: 2025-08-18T15:58:14Z
Rating: important
References:

* bsc#1206051
* bsc#1221829
* bsc#1233551
* bsc#1234480
* bsc#1234863
* bsc#1236104
* bsc#1236333
* bsc#1237164
* bsc#1238160
* bsc#1239644
* bsc#1240799
* bsc#1242414
* bsc#1242417
* bsc#1244309
* bsc#1244523
* bsc#1245217
* bsc#1245431
* bsc#1245506
* bsc#1245711
* bsc#1245986
* bsc#1246000
* bsc#1246029
* bsc#1246037
* bsc#1246045
* bsc#1246073
* bsc#1246186
* bsc#1246287
* bsc#1246555
* bsc#1246781
* bsc#1247314
* bsc#1247347
* bsc#1247348
* bsc#1247349
* bsc#1247437

Cross-References:

* CVE-2022-49138
* CVE-2022-49770
* CVE-2023-52923
* CVE-2023-52927
* CVE-2024-26643
* CVE-2024-53057
* CVE-2024-53164
* CVE-2024-57947
* CVE-2025-21701
* CVE-2025-21971
* CVE-2025-37797
* CVE-2025-37798
* CVE-2025-38079
* CVE-2025-38088
* CVE-2025-38120
* CVE-2025-38177
* CVE-2025-38181
* CVE-2025-38200
* CVE-2025-38206
* CVE-2025-38212
* CVE-2025-38213
* CVE-2025-38257
* CVE-2025-38289
* CVE-2025-38350
* CVE-2025-38468
* CVE-2025-38477
* CVE-2025-38494
* CVE-2025-38495
* CVE-2025-38497

CVSS scores:

* CVE-2022-49138 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2022-49138 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2022-49770 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52923 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2023-52923 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52927 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2023-52927 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52927 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26643 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26643 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-53057 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53164 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-53164 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-57947 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-57947 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-21701 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-21971 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-21971 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-37797 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-37798 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38079 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38079 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38088 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38088 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38120 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-38120 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2025-38177 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38177 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38181 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38181 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38200 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38200 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
* CVE-2025-38206 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38206 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38212 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38212 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38213 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38213 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38257 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38257 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38289 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38289 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38350 ( SUSE ): 7.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38350 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
* CVE-2025-38468 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38468 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-38477 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38477 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38494 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38494 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38495 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38495 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-38497 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-38497 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise Micro 5.5

An update that solves 29 vulnerabilities and has five security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

* CVE-2022-49138: Bluetooth: hci_event: Fix checking conn for le_conn_complete_evt (bsc#1238160).
* CVE-2023-52923: netfilter: nf_tables: split async and sync catchall in two functions (bsc#1236104).
* CVE-2023-52927: netfilter: allow exp not to be removed in nf_ct_find_expectation (bsc#1239644).
* CVE-2024-26643: Fixed mark set as dead when unbinding anonymous set with timeout (bsc#1221829).
* CVE-2024-53057: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (bsc#1233551).
* CVE-2024-53164: net: sched: fix ordering of qlen adjustment (bsc#1234863).
* CVE-2025-21701: net: avoid race between device unregistration and ethnl ops (bsc#1237164).
* CVE-2025-21971: net_sched: Prevent creation of classes with TC_H_ROOT (bsc#1240799).
* CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling (bsc#1242417).
* CVE-2025-38079: crypto: algif_hash - fix double free in hash_accept (bsc#1245217).
* CVE-2025-38181: calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (bsc#1246000).
* CVE-2025-38200: i40e: fix MMIO write access to an invalid page in i40e_clear_hw (bsc#1246045).
* CVE-2025-38206: exfat: fix double free in delayed_free (bsc#1246073).
* CVE-2025-38212: ipc: fix to protect IPCS lookups using RCU (bsc#1246029).
* CVE-2025-38213: vgacon: Add check for vc_origin address range in vgacon_scroll() (bsc#1246037).
* CVE-2025-38257: s390/pkey: Prevent overflow in size calculation for memdup_user() (bsc#1246186).
* CVE-2025-38289: scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (bsc#1246287).
* CVE-2025-38350: net/sched: Always pass notifications when child class becomes empty (bsc#1246781).
* CVE-2025-38468: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (bsc#1247437).
* CVE-2025-38477: net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (bsc#1247314).
* CVE-2025-38494: HID: core: do not bypass hid_hw_raw_request (bsc#1247349).
* CVE-2025-38495: HID: core: ensure the allocated report buffer can contain the reserved report ID (bsc#1247348).
* CVE-2025-38497: usb: gadget: configfs: Fix OOB read on empty string write (bsc#1247347).

The following non-security bugs were fixed:

* Revert "hugetlb: unshare some PMDs when splitting VMAs" (bsc#1245431).
* Revert "mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race"
* Revert "mm/hugetlb: unshare page tables during VMA split, not before"
* bnxt_en: Fix GSO type for HW GRO packets on 5750X chips (bsc#1244523).
* net: usb: usbnet: restore usb%d name exception for local mac addresses (bsc#1234480 bsc#1246555).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2025-2852=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2025-2852=1

## Package List:

* openSUSE Leap 15.5 (noarch)
  * kernel-source-rt-5.14.21-150500.13.103.2
  * kernel-devel-rt-5.14.21-150500.13.103.2
* openSUSE Leap 15.5 (x86_64)
  * kernel-rt-livepatch-5.14.21-150500.13.103.2
  * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.103.2
  * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.103.2
  * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.103.2
  * ocfs2-kmp-rt-5.14.21-150500.13.103.2
  * reiserfs-kmp-rt-5.14.21-150500.13.103.2
  * kselftests-kmp-rt-5.14.21-150500.13.103.2
  * kernel-rt-devel-5.14.21-150500.13.103.2
  * kernel-rt-vdso-debuginfo-5.14.21-150500.13.103.2
  * kernel-rt-optional-debuginfo-5.14.21-150500.13.103.2
  * kernel-rt_debug-debugsource-5.14.21-150500.13.103.2
  * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.103.2
  * kernel-rt-optional-5.14.21-150500.13.103.2
  * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.103.2
  * kernel-rt-devel-debuginfo-5.14.21-150500.13.103.2
  * kernel-rt-extra-debuginfo-5.14.21-150500.13.103.2
  * kernel-rt-vdso-5.14.21-150500.13.103.2
  * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.103.2
  * cluster-md-kmp-rt-5.14.21-150500.13.103.2
  * kernel-rt_debug-vdso-5.14.21-150500.13.103.2
  * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.103.2
  * dlm-kmp-rt-5.14.21-150500.13.103.2
  * kernel-rt-debuginfo-5.14.21-150500.13.103.2
  * kernel-rt-extra-5.14.21-150500.13.103.2
  * gfs2-kmp-rt-5.14.21-150500.13.103.2
  * kernel-rt-livepatch-devel-5.14.21-150500.13.103.2
  * kernel-rt_debug-debuginfo-5.14.21-150500.13.103.2
  * dlm-kmp-rt-debuginfo-5.14.21-150500.13.103.2
  * kernel-rt_debug-devel-5.14.21-150500.13.103.2
  * kernel-rt-debugsource-5.14.21-150500.13.103.2
* openSUSE Leap 15.5 (nosrc x86_64)
  * kernel-rt-5.14.21-150500.13.103.2
  * kernel-rt_debug-5.14.21-150500.13.103.2
* SUSE Linux Enterprise Micro 5.5 (noarch)
  * kernel-source-rt-5.14.21-150500.13.103.2
  * kernel-devel-rt-5.14.21-150500.13.103.2
* SUSE Linux Enterprise Micro 5.5 (nosrc x86_64)
  * kernel-rt-5.14.21-150500.13.103.2
* SUSE Linux Enterprise Micro 5.5 (x86_64)
  * kernel-rt-debuginfo-5.14.21-150500.13.103.2
  * kernel-rt-debugsource-5.14.21-150500.13.103.2

## References:

* https://www.suse.com/security/cve/CVE-2022-49138.html
* https://www.suse.com/security/cve/CVE-2022-49770.html
* https://www.suse.com/security/cve/CVE-2023-52923.html
* https://www.suse.com/security/cve/CVE-2023-52927.html
* https://www.suse.com/security/cve/CVE-2024-26643.html
* https://www.suse.com/security/cve/CVE-2024-53057.html
* https://www.suse.com/security/cve/CVE-2024-53164.html
* https://www.suse.com/security/cve/CVE-2024-57947.html
* https://www.suse.com/security/cve/CVE-2025-21701.html
* https://www.suse.com/security/cve/CVE-2025-21971.html
* https://www.suse.com/security/cve/CVE-2025-37797.html
* https://www.suse.com/security/cve/CVE-2025-37798.html
* https://www.suse.com/security/cve/CVE-2025-38079.html
* https://www.suse.com/security/cve/CVE-2025-38088.html
* https://www.suse.com/security/cve/CVE-2025-38120.html
* https://www.suse.com/security/cve/CVE-2025-38177.html
* https://www.suse.com/security/cve/CVE-2025-38181.html
* https://www.suse.com/security/cve/CVE-2025-38200.html
* https://www.suse.com/security/cve/CVE-2025-38206.html
* https://www.suse.com/security/cve/CVE-2025-38212.html
* https://www.suse.com/security/cve/CVE-2025-38213.html
* https://www.suse.com/security/cve/CVE-2025-38257.html
* https://www.suse.com/security/cve/CVE-2025-38289.html
* https://www.suse.com/security/cve/CVE-2025-38350.html
* https://www.suse.com/security/cve/CVE-2025-38468.html
* https://www.suse.com/security/cve/CVE-2025-38477.html
* https://www.suse.com/security/cve/CVE-2025-38494.html
* https://www.suse.com/security/cve/CVE-2025-38495.html
* https://www.suse.com/security/cve/CVE-2025-38497.html
* https://bugzilla.suse.com/show_bug.cgi?id=1206051
* https://bugzilla.suse.com/show_bug.cgi?id=1221829
* https://bugzilla.suse.com/show_bug.cgi?id=1233551
* https://bugzilla.suse.com/show_bug.cgi?id=1234480
* https://bugzilla.suse.com/show_bug.cgi?id=1234863
* https://bugzilla.suse.com/show_bug.cgi?id=1236104
* https://bugzilla.suse.com/show_bug.cgi?id=1236333
* https://bugzilla.suse.com/show_bug.cgi?id=1237164
* https://bugzilla.suse.com/show_bug.cgi?id=1238160
* https://bugzilla.suse.com/show_bug.cgi?id=1239644
* https://bugzilla.suse.com/show_bug.cgi?id=1240799
* https://bugzilla.suse.com/show_bug.cgi?id=1242414
* https://bugzilla.suse.com/show_bug.cgi?id=1242417
* https://bugzilla.suse.com/show_bug.cgi?id=1244309
* https://bugzilla.suse.com/show_bug.cgi?id=1244523
* https://bugzilla.suse.com/show_bug.cgi?id=1245217
* https://bugzilla.suse.com/show_bug.cgi?id=1245431
* https://bugzilla.suse.com/show_bug.cgi?id=1245506
* https://bugzilla.suse.com/show_bug.cgi?id=1245711
* https://bugzilla.suse.com/show_bug.cgi?id=1245986
* https://bugzilla.suse.com/show_bug.cgi?id=1246000
* https://bugzilla.suse.com/show_bug.cgi?id=1246029
* https://bugzilla.suse.com/show_bug.cgi?id=1246037
* https://bugzilla.suse.com/show_bug.cgi?id=1246045
* https://bugzilla.suse.com/show_bug.cgi?id=1246073
* https://bugzilla.suse.com/show_bug.cgi?id=1246186
* https://bugzilla.suse.com/show_bug.cgi?id=1246287
* https://bugzilla.suse.com/show_bug.cgi?id=1246555
* https://bugzilla.suse.com/show_bug.cgi?id=1246781
* https://bugzilla.suse.com/show_bug.cgi?id=1247314
* https://bugzilla.suse.com/show_bug.cgi?id=1247347
* https://bugzilla.suse.com/show_bug.cgi?id=1247348
* https://bugzilla.suse.com/show_bug.cgi?id=1247349
* https://bugzilla.suse.com/show_bug.cgi?id=1247437
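Every advisory on this page ends with a package list and an install command, and the kernel advisory above adds that the system must be rebooted. Confirming that a host actually carries the fixed builds means comparing installed name-version-release strings with the advisory's, and that needs RPM's own ordering rules (so that release 150500.13.103.2 counts as newer than 150500.13.100.1, and a "~rc1" pre-release as older than the final version). The following is an added example, not code from SUSE or from the advisory: a pure-Python port of librpm's rpmvercmp applied to constructed rpm -qa output against a subset of the openSUSE Leap 15.5 package list above. The running-kernel check relies on an assumed SUSE naming convention for uname -r, stated in the code; the rpm -qa and uname -r inputs are constructed, not captured from a real host.

```python
"""Check installed RPMs against an advisory's package list.

Added example, not SUSE's code. Version ordering is a pure-Python port of
librpm's rpmvercmp; the `rpm -qa` and `uname -r` inputs below are constructed.
"""
from itertools import zip_longest
import re

# ordering-relevant segments; every other character is a separator
_SEGMENTS = re.compile(r"[0-9]+|[A-Za-z]+|[~^]")


def rpmvercmp(a: str, b: str) -> int:
    """-1/0/1 ordering of two version or release strings, as librpm does it:
    numeric segments compare as integers, alphabetic ones lexically and lose to
    numeric ones, '~' sorts before everything including end-of-string
    (pre-release), '^' sorts after end-of-string but before anything else."""
    for x, y in zip_longest(_SEGMENTS.findall(a), _SEGMENTS.findall(b), fillvalue=""):
        if x == y:
            continue
        if "~" in (x, y):
            return 1 if y == "~" else -1
        if "^" in (x, y):
            if not x or not y:
                return 1 if x else -1
            return 1 if y == "^" else -1
        if not x or not y:  # the string with segments left over wins
            return 1 if x else -1
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        if x.isdigit():
            x, y = x.lstrip("0"), y.lstrip("0")
            if len(x) != len(y):
                return 1 if len(x) > len(y) else -1
        if x != y:
            return 1 if x > y else -1
    return 0


def split_nvr(nvr: str):
    """'kernel-rt-5.14.21-150500.13.103.2' -> ('kernel-rt', 0, '5.14.21', '150500.13.103.2')."""
    rest, _, release = nvr.rpartition("-")
    name, _, version = rest.rpartition("-")
    epoch, _, version = version.rpartition(":")  # optional 'epoch:' prefix
    return name, int(epoch or 0), version, release


def evr_cmp(x, y) -> int:
    """Order two (epoch, version, release) triples: epoch, then version, then release."""
    if x[0] != y[0]:
        return 1 if x[0] > y[0] else -1
    return rpmvercmp(x[1], y[1]) or rpmvercmp(x[2], y[2])


def check_advisory(rpm_qa: str, required: list) -> dict:
    """name -> 'fixed' | 'vulnerable' | 'not installed' for each NVR the advisory lists.
    `rpm -qa` prints name-version-release.arch; kernels are multiversion, so the
    highest installed build of each name is the one that counts."""
    best = {}
    for line in rpm_qa.split():
        name, *evr = split_nvr(line.rpartition(".")[0])
        if name not in best or evr_cmp(evr, best[name]) > 0:
            best[name] = tuple(evr)
    result = {}
    for nvr in required:
        name, *need = split_nvr(nvr)
        have = best.get(name)
        if have is None:
            result[name] = "not installed"
        else:
            result[name] = "fixed" if evr_cmp(have, need) >= 0 else "vulnerable"
    return result


def running_kernel_is_fixed(uname_r: str, kernel_nvr: str) -> bool:
    """An installed kernel is not a running one; the advisory asks for a reboot.
    Assumed SUSE naming: `uname -r` is '<version>-<release minus its trailing
    rebuild component>-<flavor>', so kernel-rt-5.14.21-150500.13.103.2 boots as
    '5.14.21-150500.13.103-rt'."""
    _, _, version, release = split_nvr(kernel_nvr)
    running, _, _flavor = uname_r.rpartition("-")
    run_version, _, run_release = running.partition("-")
    return run_version == version and rpmvercmp(run_release, release.rsplit(".", 1)[0]) >= 0


# Constructed `rpm -qa` extract: kernel-rt has the fixed build installed next
# to the old one, kernel-rt-devel is still behind, kernel-rt-livepatch is absent.
SAMPLE_RPM_QA = """
kernel-rt-5.14.21-150500.13.100.1.x86_64
kernel-rt-5.14.21-150500.13.103.2.x86_64
kernel-rt-devel-5.14.21-150500.13.100.1.x86_64
kernel-source-rt-5.14.21-150500.13.103.2.noarch
"""
# Subset of the advisory's openSUSE Leap 15.5 package list
REQUIRED = [
    "kernel-rt-5.14.21-150500.13.103.2",
    "kernel-rt-devel-5.14.21-150500.13.103.2",
    "kernel-source-rt-5.14.21-150500.13.103.2",
    "kernel-rt-livepatch-5.14.21-150500.13.103.2",
]

if __name__ == "__main__":
    for name, status in check_advisory(SAMPLE_RPM_QA, REQUIRED).items():
        print(f"{name:24} {status}")
    # constructed `uname -r`: the old build is still the one booted
    print("reboot needed:", not running_kernel_is_fixed("5.14.21-150500.13.100-rt", REQUIRED[0]))
```

On a real host, feed `rpm -qa` output and `uname -r` in place of the constructed strings; the same comparison applies to the Fedora and Red Hat package lists on this page, since they use the same version-release format. A "fixed" verdict for kernel-rt is still only half the answer, which is why the running-kernel check is separate: until the host boots the new build, the old code is what is executing.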
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-5f7da70bfe
2021-02-05 01:57:58.090629
--------------------------------------------------------------------------------
Name        : monitorix
Product     : Fedora 33
Version     : 3.13.1
Release     : 1.fc33
URL         : https://www.monitorix.org/
Summary     : A free, open source, lightweight system monitoring tool
Description :
Monitorix is a free, open source and lightweight system monitoring tool
designed to monitor as many services and system resources as possible. It has
been created to be used under production Linux/UNIX servers, but due to its
simplicity and small size may also be used on embedded devices as well.
--------------------------------------------------------------------------------
Update Information:

Security fix for [CVE-2021-3325]. This new version fixes a security bug
introduced in the 3.13.0 version that led the HTTP built-in server to bypass
Basic Authentication when the option hosts_deny is not defined, which is the
default. Besides this fix, this version also updates the main configuration
file to add the option hosts_deny = all by default inside the auth subsection,
in an attempt to make the default behaviour more clear. All users using the
3.13.0 version are advised and encouraged to upgrade to this new version, which
resolves the security issue.
----
This new version introduces three new modules: the long-awaited pgsql.pm,
capable of monitoring up to 9 databases of an unlimited number of PostgreSQL
servers, and redis.pm and tinyproxy.pm, which are both also capable of
monitoring an unlimited number of Redis and Tinyproxy servers respectively.
This version also includes some interesting new features. The new CSS theming
support will allow people to create their own color themes. The new support for
the ss command in the port.pm and nginx.pm modules. The ability to map the
device names and also to include a title name in the disk.pm module. The new
stacked visualization of network stats available on a number of modules, and
more. Also with this new version, Monitorix is able to be executed as a regular
user instead of root. This is of course subject to the capabilities of each
module to get statistics without using the superuser. The rest of the new
features, changes and bugs fixed are, as always, reflected in the Changes file.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan 27 2021 Jordi Sanfeliu - 3.13.1-1
- Updated to 3.13.1.
* Fri Jan 22 2021 Jordi Sanfeliu - 3.13.0-1
- Updated to 3.13.0.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1920998 - monitorix-3.13.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=1920998
  [ 2 ] Bug #1921333 - CVE-2021-3325 monitorix: Basic Authentication bypass in a default installation [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1921333
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-5f7da70bfe' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-5b9c42f1b9
2020-12-21 01:34:34.881555
--------------------------------------------------------------------------------
Name        : chromium
Product     : Fedora 32
Version     : 87.0.4280.88
Release     : 1.fc32
URL         : https://www.chromium.org/Home/
Summary     : A WebKit (Blink) powered web browser
Description :
Chromium is an open-source web browser, powered by WebKit (Blink).
--------------------------------------------------------------------------------
Update Information:

Update to 87.0.4280.88. As with pretty much every chromium release ever, this
fixes some security bugs. This batch is:

CVE-2020-16037 CVE-2020-16038 CVE-2020-16039 CVE-2020-16040 CVE-2020-16041
CVE-2020-16042
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec  3 2020 Tom Callaway - 87.0.4280.88-1
- update to 87.0.4280.88
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1904510 - CVE-2020-16037 chromium-browser: Use after free in clipboard
        https://bugzilla.redhat.com/show_bug.cgi?id=1904510
  [ 2 ] Bug #1904511 - CVE-2020-16038 chromium-browser: Use after free in media
        https://bugzilla.redhat.com/show_bug.cgi?id=1904511
  [ 3 ] Bug #1904512 - CVE-2020-16039 chromium-browser: Use after free in extensions
        https://bugzilla.redhat.com/show_bug.cgi?id=1904512
  [ 4 ] Bug #1904513 - CVE-2020-16040 chromium-browser: Insufficient data validation in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=1904513
  [ 5 ] Bug #1904514 - CVE-2020-16041 chromium-browser: Out of bounds read in networking
        https://bugzilla.redhat.com/show_bug.cgi?id=1904514
  [ 6 ] Bug #1904515 - CVE-2020-16042 chromium-browser: Uninitialized Use in V8
        https://bugzilla.redhat.com/show_bug.cgi?id=1904515
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-5b9c42f1b9' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------
openSUSE Security Update: Security update for xmltooling
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2018:0158-1
Rating:             important
References:         #1075975
Cross-References:   CVE-2018-0486
Affected Products:
                    openSUSE Leap 42.3
                    openSUSE Leap 42.2
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   This update for xmltooling fixes the following issues:

   - CVE-2018-0486: Fixed a security bug when xmltooling mishandles digital
     signatures of user attribute data, which allows remote attackers to
     obtain sensitive information or conduct impersonation attacks via a
     crafted DTD (bsc#1075975)

   This update was imported from the SUSE:SLE-12-SP1:Update update project.

Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE Leap 42.3:

      zypper in -t patch openSUSE-2018-65=1

   - openSUSE Leap 42.2:

      zypper in -t patch openSUSE-2018-65=1

   To bring your system up-to-date, use "zypper patch".

Package List:

   - openSUSE Leap 42.3 (x86_64):

      libxmltooling-devel-1.5.6-6.1
      libxmltooling6-1.5.6-6.1
      libxmltooling6-debuginfo-1.5.6-6.1
      xmltooling-debugsource-1.5.6-6.1
      xmltooling-schemas-1.5.6-6.1

   - openSUSE Leap 42.2 (x86_64):

      libxmltooling-devel-1.5.6-3.3.1
      libxmltooling6-1.5.6-3.3.1
      libxmltooling6-debuginfo-1.5.6-3.3.1
      xmltooling-debugsource-1.5.6-3.3.1
      xmltooling-schemas-1.5.6-3.3.1

References:

   https://www.suse.com/security/cve/CVE-2018-0486.html
   https://bugzilla.suse.com/show_bug.cgi?id=1075975
SUSE Security Update: Security update for Linux Kernel Live Patch 0 for SLE 12 SP2
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:2801-1
Rating:             important
References:         #1053150 #1057950 #1062471
Cross-References:   CVE-2017-1000251 CVE-2017-12762 CVE-2017-15274
Affected Products:
                    SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________

   An update that fixes three vulnerabilities is now available.

Description:

   This update for the Linux Kernel 4.4.21-69 fixes several issues.

   The following security bugs were fixed:

   - CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not
     consider the case of a NULL payload in conjunction with a nonzero length
     value, which allowed local users to cause a denial of service (NULL
     pointer dereference and OOPS) via a crafted add_key or keyctl system
     call (bsc#1062471).
   - CVE-2017-1000251: The native Bluetooth stack in the Linux Kernel (BlueZ)
     was vulnerable to a stack overflow vulnerability in the processing of
     L2CAP configuration responses resulting in Remote code execution in
     kernel space (bsc#1057950).
   - CVE-2017-12762: In drivers/isdn/i4l/isdn_net.c a user-controlled buffer
     was copied into a local buffer of constant size using strcpy without a
     length check which can cause a buffer overflow (bsc#1053150).

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Live Patching 12:

      zypper in -t patch SUSE-SLE-Live-Patching-12-2017-1744=1

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Live Patching 12 (x86_64):

      kgraft-patch-4_4_21-69-default-10-18.13.1

References:

   https://www.suse.com/security/cve/CVE-2017-1000251.html
   https://www.suse.com/security/cve/CVE-2017-12762.html
   https://www.suse.com/security/cve/CVE-2017-15274.html
   https://bugzilla.suse.com/1053150
   https://bugzilla.suse.com/1057950
   https://bugzilla.suse.com/1062471
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: qemu-kvm security, bug fix, and enhancement update
Advisory ID:       RHSA-2016:2585-02
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2016:2585.html
Issue date:        2016-11-03
CVE Names:         CVE-2016-1981 CVE-2016-3712
====================================================================

1. Summary:

An update for qemu-kvm is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

Kernel-based Virtual Machine (KVM) is a full virtualization solution for
Linux on AMD64 and Intel 64 systems. The qemu-kvm packages provide the
user-space component for running virtual machines using KVM.

Security Fix(es):

* An integer overflow flaw and an out-of-bounds read flaw were found in the
way QEMU's VGA emulator set certain VGA registers while in VBE mode. A
privileged guest user could use this flaw to crash the QEMU process
instance. (CVE-2016-3712)

* An infinite loop flaw was found in the way QEMU's e1000 NIC emulation
implementation processed data using transmit or receive descriptors under
certain conditions. A privileged user inside a guest could use this flaw to
crash the QEMU instance. (CVE-2016-1981)

Red Hat would like to thank Zuozhi Fzz (Alibaba Inc.) for reporting
CVE-2016-3712.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.3 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, shut down all running virtual machines. Once
all virtual machines have shut down, start them again for this update to
take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1156635 - Libvirt is confused that qemu-kvm exposes 'block-job-cancel' but not 'block-stream'
1177318 - Guest using rbd based image as disk failed to start when sandbox was enabled
1252757 - [RHEL-7.2-qmu-kvm] Package is 100% lost when ping from host to Win2012r2 guest with 64000 size
1256741 - "CapsLock" will work as "" when boot a guest with usb-kbd
1265427 - contents of MSR_TSC_AUX are not migrated
1268345 - posix_fallocate emulation on NFS fails with Bad file descriptor if fd is opened O_WRONLY
1268879 - Camera stops work after remote-viewer re-connection [qemu-kvm]
1269738 - Vlan table display repeat four times in qmp when queues=4
1272523 - qemu-kvm build failure race condition in tests/ide-test
1276036 - Crash on QMP input exceeding limits
1277248 - ceph.conf properties override qemu's command-line properties
1283116 - [abrt] qemu-img: get_block_status(): qemu-img killed by SIGABRT
1298570 - CVE-2016-1981 Qemu: net: e1000 infinite loop in start_xmit and e1000_receive_iov routines
1299116 - qemu-img created VMDK images lead to "Not a supported disk format (sparse VMDK version too old)"
1299250 - qemu-img created VMDK images are unbootable
1312289 - "qemu-kvm: /builddir/build/BUILD/qemu-1.5.3/hw/scsi/virtio-scsi.c:533:virtio_scsi_push_event: Assertion `event == 0' failed" after hotplug 20 virtio-scsi disks then hotunplug them
1318712 - CVE-2016-3712 qemu-kvm: Out-of-bounds read when creating weird vga screen surface
1330969 - match the OEM ID and OEM Table ID fields of the FADT and the RSDT to those of the SLIC
1333159 - qemu-kvm doesn't reload udev rules before triggering for kvm device
1336491 - Ship FD connection patches qemu-kvm part
1340971 - qemu: accel=tcg does not implement SSE 4 properly
1346982 - Regression from CVE-2016-3712: windows installer fails to start [rhel-7.3]
1351106 - symbol lookup error: /usr/libexec/qemu-kvm: undefined symbol: libusb_get_port_numbers
1355730 - spice-gtk shows outdated screen state after migration [qemu-kvm]
1360137 - GLib-WARNING **: gmem.c:482: custom memory allocation vtable not supported
1367040 - QEMU crash when guest notifies non-existent virtqueue
1371619 - Flags xsaveopt xsavec xgetbv1 are missing on qemu-kvm
1376542 - RHSA-2016-1756 breaks migration of instances

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
qemu-kvm-1.5.3-126.el7.src.rpm

x86_64:
qemu-img-1.5.3-126.el7.x86_64.rpm
qemu-kvm-1.5.3-126.el7.x86_64.rpm
qemu-kvm-common-1.5.3-126.el7.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-126.el7.x86_64.rpm
qemu-kvm-tools-1.5.3-126.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

Source:
qemu-kvm-1.5.3-126.el7.src.rpm

x86_64:
qemu-img-1.5.3-126.el7.x86_64.rpm
qemu-kvm-1.5.3-126.el7.x86_64.rpm
qemu-kvm-common-1.5.3-126.el7.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-126.el7.x86_64.rpm
qemu-kvm-tools-1.5.3-126.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
qemu-kvm-1.5.3-126.el7.src.rpm

ppc64:
qemu-img-1.5.3-126.el7.ppc64.rpm
qemu-kvm-debuginfo-1.5.3-126.el7.ppc64.rpm

ppc64le:
qemu-img-1.5.3-126.el7.ppc64le.rpm
qemu-kvm-debuginfo-1.5.3-126.el7.ppc64le.rpm

x86_64:
qemu-img-1.5.3-126.el7.x86_64.rpm
qemu-kvm-1.5.3-126.el7.x86_64.rpm
qemu-kvm-common-1.5.3-126.el7.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-126.el7.x86_64.rpm
qemu-kvm-tools-1.5.3-126.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
qemu-kvm-1.5.3-126.el7.src.rpm

x86_64:
qemu-img-1.5.3-126.el7.x86_64.rpm
qemu-kvm-1.5.3-126.el7.x86_64.rpm
qemu-kvm-common-1.5.3-126.el7.x86_64.rpm
qemu-kvm-debuginfo-1.5.3-126.el7.x86_64.rpm
qemu-kvm-tools-1.5.3-126.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2016-1981
https://access.redhat.com/security/cve/CVE-2016-3712
https://access.redhat.com/security/updates/classification#moderate
https://docs.redhat.com/en/documentation/Red_Hat_Enterprise_Linux/7/html/7.3_Release_Notes/index.html

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact

Copyright 2016 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFYGvvmXlSAg2UNWIIRAswfAJ4r+ClkmlELGCAWJmQ/ooxDgA5TEQCgtn5c
anezdbeMQJoiVHOzn8xtMbQ=
=6YJG
-----END PGP SIGNATURE-----

-- 
Enterprise-watch-list mailing list
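The Solution section above states that the update only takes effect once every running virtual machine has been shut down and started again: an already running QEMU process keeps executing the old VGA and e1000 emulation code, and a reboot issued inside the guest does not replace that host-side process. As an added example that is not part of the advisory or of Red Hat's tooling, the following Python script answers the two questions an administrator has after applying the errata: is the installed qemu-kvm build at or above the fixed build 1.5.3-126.el7 listed in section 6, and which libvirt domains are still running and therefore need a full shutdown and start. The rpm and virsh outputs are constructed sample strings so the script runs offline; the version comparison is a simplified rpmvercmp that ignores the package epoch and tilde/caret segments, which is sufficient for these el7 builds.

```python
"""Post-update check for RHSA-2016:2585 (added example, not Red Hat tooling).

On a real host feed assess() the output of
  rpm -q --qf '%{VERSION}-%{RELEASE}\n' qemu-kvm
  virsh list --name
or call assess_live_host(), which runs those two commands itself.
"""
import re
import subprocess
from typing import Dict, List

# Fixed build from section 6 of the advisory (VERSION-RELEASE, epoch omitted).
FIXED_QEMU_KVM = "1.5.3-126.el7"

# Constructed sample outputs (not captured from a real host).
SAMPLE_RPM_OUTPUT = "1.5.3-126.el7\n"
SAMPLE_VIRSH_LIST = "rhel7-web01\nwin2012r2-db\n\n"

_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")


def rpmvercmp(a: str, b: str) -> int:
    """Simplified RPM version comparison: 1 if a > b, -1 if a < b, 0 if equal.

    Follows rpmvercmp's segment rules (numeric segments compare as integers,
    a numeric segment beats an alphabetic one, leftover segments win) but
    omits tilde/caret handling, which these el7 builds do not use.
    """
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        x_num, y_num = x.isdigit(), y.isdigit()
        if x_num and y_num:
            if int(x) != int(y):
                return 1 if int(x) > int(y) else -1
        elif x_num != y_num:
            return 1 if x_num else -1
        elif x != y:
            return 1 if x > y else -1
    if len(sa) != len(sb):
        return 1 if len(sa) > len(sb) else -1
    return 0


def build_is_fixed(installed_vr: str, fixed_vr: str = FIXED_QEMU_KVM) -> bool:
    """True when the installed VERSION-RELEASE is at or above the fixed build."""
    iv, ir = installed_vr.strip().split("-", 1)
    fv, fr = fixed_vr.split("-", 1)
    # Compare the version first; only on a tie does the release decide.
    cmp = rpmvercmp(iv, fv) or rpmvercmp(ir, fr)
    return cmp >= 0


def running_domains(virsh_list_output: str) -> List[str]:
    """Parse `virsh list --name` output: one running domain per non-empty line."""
    return [line.strip() for line in virsh_list_output.splitlines() if line.strip()]


def assess(rpm_output: str, virsh_output: str) -> Dict[str, object]:
    """Combine both checks into one report.

    'restart_required' lists every running guest: each one is still backed by
    the QEMU process that was started before the package update and needs a
    shutdown followed by a start, as section 4 of the advisory requires.
    """
    installed = rpm_output.strip()
    return {
        "installed": installed,
        "patched": build_is_fixed(installed),
        "restart_required": running_domains(virsh_output),
    }


def assess_live_host() -> Dict[str, object]:
    """Run the same check against the real rpm and virsh commands (host only)."""
    rpm_out = subprocess.run(
        ["rpm", "-q", "--qf", "%{VERSION}-%{RELEASE}\n", "qemu-kvm"],
        capture_output=True, text=True, check=True).stdout
    virsh_out = subprocess.run(
        ["virsh", "list", "--name"],
        capture_output=True, text=True, check=True).stdout
    return assess(rpm_out, virsh_out)


if __name__ == "__main__":
    report = assess(SAMPLE_RPM_OUTPUT, SAMPLE_VIRSH_LIST)
    state = "patched" if report["patched"] else "NOT patched"
    print(f"qemu-kvm {report['installed']}: {state} (fixed build {FIXED_QEMU_KVM})")
    for dom in report["restart_required"]:
        print(f"  shut down and start again: {dom}")
```

A later errata build such as 1.5.3-126.el7_3.1 compares as newer than the fixed build and is reported as patched, while 1.5.3-105.el7 is not. Note that a live migration to an updated host also starts a fresh QEMU process, which is the usual way to apply such an update without guest downtime, but the advisory's own instruction is a shutdown and start.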