Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -6 articles for you...
202
security advisorymoderatesecurity fixopenSUSE Leap 15.4: nginx Moderate Security Fix SUSE-2025:02733-1
An update that has one security fix can now be installed.. # Security update for nginx Announcement ID: SUSE-SU-2025:02733-1 Release Date: 2025-08-08T08:04:13Z Rating: moderate References: * bsc#1246090 Affected Products: * openSUSE Leap 15.4 An update that has one security fix can now be installed. ## Description: This update for nginx fixes the following issues: Security hardening: \- Drop root priviledges while running logrotatei. (bsc#1246090) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-2733=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * nginx-1.21.5-150400.3.9.1 * nginx-debugsource-1.21.5-150400.3.9.1 * nginx-debuginfo-1.21.5-150400.3.9.1 * openSUSE Leap 15.4 (noarch) * nginx-source-1.21.5-150400.3.9.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1246090 . The latest security patch for openSUSE Leap 15.4 enhances nginx stability, fortifying the system against potential threats through refined hardening techniques.. openSUSE Leap nginx security update patch. . LinuxSecurity.com Team
Aug 08, 2025
OpenSUSE
100
security advisorymoderatepatchopenSUSE Leap 15.3: nginx Moderate Security Issue 2025:02542-1
* bsc#1246090 Affected Products: * openSUSE Leap 15.3 . # Security update for nginx Announcement ID: SUSE-SU-2025:02542-1 Release Date: 2025-07-29T08:58:38Z Rating: moderate References: * bsc#1246090 Affected Products: * openSUSE Leap 15.3 An update that has one security fix can now be installed. ## Description: This update for nginx fixes the following issues: Security hardening: \- Drop root priviledges while running logrotatei. (bsc#1246090) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-2542=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * nginx-1.19.8-150300.3.15.1 * nginx-debugsource-1.19.8-150300.3.15.1 * nginx-debuginfo-1.19.8-150300.3.15.1 * openSUSE Leap 15.3 (noarch) * nginx-source-1.19.8-150300.3.15.1 * vim-plugin-nginx-1.19.8-150300.3.15.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1246090 . A security flaw in nginx may allow privilege escalation for local users. Upgrade to the latest version to avoid unauthorized access risks. SUSE Security Patch, openSUSE nginx Update, moderate security advisory, patch for openSUSE, nginx security fix. . LinuxSecurity.com Team
Jul 29, 2025
SuSE
89
security advisoryFedorasecurity hardeningFedora 29: phpMyAdmin Update FEDORA-2019-3b5a7abe17 Critical CSRF Fix
Upstream announcement: Welcome to **phpMyAdmin 4.9.1**, a bugfix release. This is a regularly-schedule bugfix release that also includes some security hardening measures. We wish to point out that this also includes a routine fix for an issue that has been reported as CVE-2019-12922. The fix for this has been in our release queue to be part of this release, however it is the opinion of. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2019-3b5a7abe17 2019-10-02 01:40:18.127834 --------------------------------------------------------------------------------Name : phpMyAdmin Product : Fedora 29 Version : 4.9.1 Release : 1.fc29 URL : https://www.phpmyadmin.net/ Summary : Handle the administration of MySQL over the World Wide Web Description : phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly execute any SQL statement. Features include an intuitive web interface, support for most MySQL features (browse and drop databases, tables, views, fields and indexes, create, copy, drop, rename and alter databases, tables, fields and indexes, maintenance server, databases and tables, with proposals on server configuration, execute, edit and bookmark any SQL-statement, even batch-queries, manage MySQL users and privileges, manage stored procedures and triggers), import data from CSV and SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument Text and Spreadsheet, Word, Excel, LATEX and others, administering multiple servers, creating PDF graphics of your database layout, creating complex queries using Query-by-example (QBE), searching globally in a database or a subset of it, transforming stored data into any format using a set of predefinedfunctions, like displaying BLOB-data as image or download-link and much more... --------------------------------------------------------------------------------Update Information: Upstream announcement: Welcome to **phpMyAdmin 4.9.1**, a bugfix release. This is a regularly-schedule bugfix release that also includes some security hardening measures. We wish to point out that this also includes a routine fix for an issue that has been reported as CVE-2019-12922. The fix for this has been in our release queue to be part of this release, however it is the opinion of the team that the reported attack vector did not justify a separate release. This release includes fixes for many bugs, including: * Editing columns with CURRENT_TIMESTAMP for MySQL versions 8.0.13 and newer * Compatibility issues with PHP 8 * Export of GIS visualization * Enhanced descriptions for several collation types * Creating a user with a single quote in the password string * Unexpected quotes during import and export on text fields * Improvements to adding new tables to Designer * Fix an issue where an authenticated user could trigger heavy traffic between the database server and web server * Fix a weakness where an attacker, under certain conditions, working at the same time as an administrator is using the setup script, could delete a server from the setup script There are many, many more bug fixes thanks to the efforts of our developers, Google Summer of Code applicants, and other contributors. The phpMyAdmin team --------------------------------------------------------------------------------ChangeLog: * Sat Sep 21 2019 Remi Collet - 4.9.1-1 - update to 4.9.1 (2019-09-21, bug fix release) - add tarball signature check - allow twig version 2 * Tue Jun 4 2019 Remi Collet - 4.9.0.1-1 - update to 4.9.0.1 (2019-06-04, important security fixes) - raise dependency on phpmyadmin/sql-parser version 4.3.2 * Tue Jan 29 2019 Remi Collet - 4.8.5-1 - update to 4.8.5 (2019-01-26,security fix) * Tue Dec 11 2018 Remi Collet - 4.8.4-1 - update to 4.8.4 (2018-12-11, security fix) --------------------------------------------------------------------------------References: [ 1 ] Bug #1753303 - CVE-2019-12922 phpMyAdmin: a CSRF in the setup page allows deletion of server https://bugzilla.redhat.com/show_bug.cgi?id=1753303 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-3b5a7abe17' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Oct 01, 2019
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!