Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 59 articles for you...
100

SUSE Linux Enterprise Server Important Cosign Update SUSE-SU-2026-1098-1

# Security update for cosign Announcement ID: SUSE-SU-2026:1098-1 Release Date: 2026-03-26T21:24:08Z Rating: important References:. # Security update for cosign Announcement ID: SUSE-SU-2026:1098-1 Release Date: 2026-03-26T21:24:08Z Rating: important References: Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that can now be installed. ## Description: This update for cosign rebuilds it against the current go 1.25 security release. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-1098=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-1098=1 * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1098=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1098=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1098=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1098=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1098=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1098=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1098=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1098=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1098=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1098=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1098=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * cosign-debuginfo-3.0.5-150400.3.37.1 * cosign-3.0.5-150400.3.37.1 * openSUSE Leap 15.4 (noarch) * cosign-bash-completion-3.0.5-150400.3.37.1 * cosign-zsh-completion-3.0.5-150400.3.37.1 * cosign-fish-completion-3.0.5-150400.3.37.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * cosign-debuginfo-3.0.5-150400.3.37.1 * cosign-3.0.5-150400.3.37.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * cosign-debuginfo-3.0.5-150400.3.37.1 * cosign-3.0.5-150400.3.37.1 * Basesystem Module 15-SP7 (noarch) * cosign-bash-completion-3.0.5-150400.3.37.1 * cosign-zsh-completion-3.0.5-150400.3.37.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) *cosign-3.0.5-150400.3.37.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * cosign-3.0.5-150400.3.37.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * cosign-3.0.5-150400.3.37.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * cosign-3.0.5-150400.3.37.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * cosign-3.0.5-150400.3.37.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * cosign-3.0.5-150400.3.37.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64) * cosign-debuginfo-3.0.5-150400.3.37.1 * cosign-3.0.5-150400.3.37.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * cosign-3.0.5-150400.3.37.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * cosign-3.0.5-150400.3.37.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * cosign-debuginfo-3.0.5-150400.3.37.1 * cosign-3.0.5-150400.3.37.1 . Explore the important security update for Cosign in SUSE. Ensure your system is compliant with the latest security measures.. SUSE Cosign Update, Important Security Advisory, Linux Security Patch. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Mar 27, 2026 Important SuSE
217

Oracle Linux 10 Grafana Key Security Notification ELSA-2026-2915

The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-2914 http://linux.oracle.com/errata/ELSA-2026-2914.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: grafana-10.2.6-22.el10_1.x86_64.rpm grafana-selinux-10.2.6-22.el10_1.x86_64.rpm aarch64: grafana-10.2.6-22.el10_1.aarch64.rpm grafana-selinux-10.2.6-22.el10_1.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/grafana-10.2.6-22.el10_1.src.rpm Related CVEs: CVE-2025-61726 CVE-2025-61728 CVE-2025-61729 CVE-2025-68121 CVE-2026-21721 Description of changes: [10.2.6-22] - Resolves RHEL-144948: CVE-2026-21721 - Resolves RHEL-146721: CVE-2025-61726 - Resolves RHEL-146926: CVE-2025-61729 - Resolves RHEL-147351: CVE-2025-61728 - Resolves RHEL-149227: CVE-2025-68121 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Updated Grafana rpms for Oracle Linux 10 address several important security issues. Immediate action recommended.. Oracle Linux grafana security updates. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Feb 23, 2026 Important Oracle
202

openSUSE Tumbleweed: cosign 2.5.3-1.1 Moderate CVE-2025-46569 Advisory

An update that solves one vulnerability can now be installed.. # cosign-2.5.3-1.1 on GA media Announcement ID: openSUSE-SU-2025:15355-1 Rating: moderate Cross-References: * CVE-2025-46569 CVSS scores: * CVE-2025-46569 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L * CVE-2025-46569 ( SUSE ): 7.6 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the cosign-2.5.3-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * cosign 2.5.3-1.1 * cosign-bash-completion 2.5.3-1.1 * cosign-fish-completion 2.5.3-1.1 * cosign-zsh-completion 2.5.3-1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-46569.html . An updated openSUSE notification describes a significant security patch for cosign related to CVE-2025-46570 aimed at bolstering system integrity.. openSUSE,Tumbleweed,cosign,security update,moderate threat. . LinuxSecurity.com Team

Calendar%202 Jul 19, 2025 OpenSUSE
100

openSUSE: 2025:1051-1 critical vulnerability in SSH packet size handling

* bsc#1237467 Cross-References: * CVE-2025-26618 . # Security update for erlang26 Announcement ID: SUSE-SU-2025:1051-1 Release Date: 2025-03-28T14:50:28Z Rating: important References: * bsc#1237467 Cross-References: * CVE-2025-26618 CVSS scores: * CVE-2025-26618 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-26618 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2025-26618 ( NVD ): 7.0 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for erlang26 fixes the following issues: * CVE-2025-26618: Fixed incorrect verification of SSH SFTP packet size in Erlang OTP (bsc#1237467) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1051=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-1051=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-1051=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * erlang26-debugsource-26.2.1-150300.7.8.1 * erlang26-26.2.1-150300.7.8.1 * erlang26-debugger-26.2.1-150300.7.8.1 * erlang26-dialyzer-debuginfo-26.2.1-150300.7.8.1 * erlang26-epmd-26.2.1-150300.7.8.1 * erlang26-et-src-26.2.1-150300.7.8.1 * erlang26-et-26.2.1-150300.7.8.1 *erlang26-doc-26.2.1-150300.7.8.1 * erlang26-src-26.2.1-150300.7.8.1 * erlang26-observer-26.2.1-150300.7.8.1 * erlang26-wx-debuginfo-26.2.1-150300.7.8.1 * erlang26-dialyzer-src-26.2.1-150300.7.8.1 * erlang26-diameter-26.2.1-150300.7.8.1 * erlang26-diameter-src-26.2.1-150300.7.8.1 * erlang26-dialyzer-26.2.1-150300.7.8.1 * erlang26-observer-src-26.2.1-150300.7.8.1 * erlang26-reltool-src-26.2.1-150300.7.8.1 * erlang26-jinterface-26.2.1-150300.7.8.1 * erlang26-wx-src-26.2.1-150300.7.8.1 * erlang26-epmd-debuginfo-26.2.1-150300.7.8.1 * erlang26-jinterface-src-26.2.1-150300.7.8.1 * erlang26-debuginfo-26.2.1-150300.7.8.1 * erlang26-wx-26.2.1-150300.7.8.1 * erlang26-debugger-src-26.2.1-150300.7.8.1 * erlang26-reltool-26.2.1-150300.7.8.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * erlang26-debugsource-26.2.1-150300.7.8.1 * erlang26-26.2.1-150300.7.8.1 * erlang26-debugger-26.2.1-150300.7.8.1 * erlang26-dialyzer-debuginfo-26.2.1-150300.7.8.1 * erlang26-epmd-26.2.1-150300.7.8.1 * erlang26-et-src-26.2.1-150300.7.8.1 * erlang26-et-26.2.1-150300.7.8.1 * erlang26-doc-26.2.1-150300.7.8.1 * erlang26-src-26.2.1-150300.7.8.1 * erlang26-observer-26.2.1-150300.7.8.1 * erlang26-wx-debuginfo-26.2.1-150300.7.8.1 * erlang26-dialyzer-src-26.2.1-150300.7.8.1 * erlang26-diameter-26.2.1-150300.7.8.1 * erlang26-diameter-src-26.2.1-150300.7.8.1 * erlang26-dialyzer-26.2.1-150300.7.8.1 * erlang26-observer-src-26.2.1-150300.7.8.1 * erlang26-reltool-src-26.2.1-150300.7.8.1 * erlang26-jinterface-26.2.1-150300.7.8.1 * erlang26-wx-src-26.2.1-150300.7.8.1 * erlang26-epmd-debuginfo-26.2.1-150300.7.8.1 * erlang26-jinterface-src-26.2.1-150300.7.8.1 * erlang26-debuginfo-26.2.1-150300.7.8.1 * erlang26-wx-26.2.1-150300.7.8.1 * erlang26-debugger-src-26.2.1-150300.7.8.1 * erlang26-reltool-26.2.1-150300.7.8.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) *erlang26-epmd-debuginfo-26.2.1-150300.7.8.1 * erlang26-debugsource-26.2.1-150300.7.8.1 * erlang26-26.2.1-150300.7.8.1 * erlang26-epmd-26.2.1-150300.7.8.1 * erlang26-debuginfo-26.2.1-150300.7.8.1 ## References: * https://www.suse.com/security/cve/CVE-2025-26618.html * https://bugzilla.suse.com/show_bug.cgi?id=1237467 . The SUSE 2025:1051-1 patch for erlang26 has been released to address serious SSH vulnerabilities, enhancing security protocols to combat evolving cyber threats. SUSE Security Advisory, erlang26, SSH Packet Size Issue, SUSE Updates. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Mar 28, 2025 Important SuSE
100

SUSE Linux 15 SP5: 2024:3342-1 Important: Kubernetes 1.24 Security Issues

* bsc#1216109 * bsc#1216123 * bsc#1221400 * bsc#1226136 * bsc#1229858 . # Security update for kubernetes1.24 Announcement ID: SUSE-SU-2024:3342-1 Rating: important References: * bsc#1216109 * bsc#1216123 * bsc#1221400 * bsc#1226136 * bsc#1229858 * bsc#1229867 * bsc#1229869 * bsc#1230323 Cross-References: * CVE-2023-39325 * CVE-2023-44487 * CVE-2023-45288 * CVE-2024-24786 CVSS scores: * CVE-2023-39325 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-39325 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44487 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44487 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45288 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24786 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities and has four security fixes can now be installed. ## Description: This update for kubernetes1.24 fixes the following issues: * CVE-2023-39325: go1.20: excessive resource consumption when dealing with rapid stream resets. (bsc#1229869) * CVE-2023-44487: google.golang.org/grpc, kube-apiserver: HTTP/2 rapid reset vulnerability. (bsc#1229869) * CVE-2023-45288: golang.org/x/net: excessive CPU consumption when processing unlimited sets of headers. (bsc#1229869) * CVE-2024-24786: github.com/golang/protobuf: infinite loop when unmarshaling invalid JSON. (bsc#1229867) Bug fixes: * Update go to version 1.22.5 in build requirements. (bsc#1229858) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaSTonline_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3342=1 openSUSE-SLE-15.5-2024-3342=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3342=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-3342=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-apiserver-1.24.17-150500.3.22.1 * kubernetes1.24-proxy-1.24.17-150500.3.22.1 * kubernetes1.24-kubelet-1.24.17-150500.3.22.1 * kubernetes1.24-kubelet-common-1.24.17-150500.3.22.1 * kubernetes1.24-client-common-1.24.17-150500.3.22.1 * kubernetes1.24-kubeadm-1.24.17-150500.3.22.1 * kubernetes1.24-scheduler-1.24.17-150500.3.22.1 * kubernetes1.24-client-1.24.17-150500.3.22.1 * kubernetes1.24-controller-manager-1.24.17-150500.3.22.1 * openSUSE Leap 15.5 (noarch) * kubernetes1.24-client-fish-completion-1.24.17-150500.3.22.1 * kubernetes1.24-client-bash-completion-1.24.17-150500.3.22.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-apiserver-1.24.17-150500.3.22.1 * kubernetes1.24-proxy-1.24.17-150500.3.22.1 * kubernetes1.24-kubelet-1.24.17-150500.3.22.1 * kubernetes1.24-kubelet-common-1.24.17-150500.3.22.1 * kubernetes1.24-client-common-1.24.17-150500.3.22.1 * kubernetes1.24-kubeadm-1.24.17-150500.3.22.1 * kubernetes1.24-scheduler-1.24.17-150500.3.22.1 * kubernetes1.24-client-1.24.17-150500.3.22.1 * kubernetes1.24-controller-manager-1.24.17-150500.3.22.1 * openSUSE Leap 15.6 (noarch) * kubernetes1.24-client-fish-completion-1.24.17-150500.3.22.1 * kubernetes1.24-client-bash-completion-1.24.17-150500.3.22.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-client-1.24.17-150500.3.22.1 * kubernetes1.24-client-common-1.24.17-150500.3.22.1 ## References: * https://www.suse.com/security/cve/CVE-2023-39325.html *https://www.suse.com/security/cve/CVE-2023-44487.html * https://www.suse.com/security/cve/CVE-2023-45288.html * https://www.suse.com/security/cve/CVE-2024-24786.html * https://bugzilla.suse.com/show_bug.cgi?id=1216109 * https://bugzilla.suse.com/show_bug.cgi?id=1216123 * https://bugzilla.suse.com/show_bug.cgi?id=1221400 * https://bugzilla.suse.com/show_bug.cgi?id=1226136 * https://bugzilla.suse.com/show_bug.cgi?id=1229858 * https://bugzilla.suse.com/show_bug.cgi?id=1229867 * https://bugzilla.suse.com/show_bug.cgi?id=1229869 * https://bugzilla.suse.com/show_bug.cgi?id=1230323 . Ubuntu Linux releases a critical security update for docker 20.10, addressing numerous security concerns and weaknesses.. Kubernetes Remediation, SUSE Security Fixes, OpenSUSE Updates. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Sep 19, 2024 Important SuSE
217

Oracle Linux 9 ELSA-2024-4624: Important Update for Thunderbird

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-4624 http://linux.oracle.com/errata/ELSA-2024-4624.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: thunderbird-115.13.0-3.0.1.el9_4.x86_64.rpm aarch64: thunderbird-115.13.0-3.0.1.el9_4.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//thunderbird-115.13.0-3.0.1.el9_4.src.rpm Related CVEs: CVE-2024-6601 CVE-2024-6603 CVE-2024-6604 Description of changes: [115.13.0-3.0.1] - Add Oracle prefs [115.13.0] - Add OpenELA debranding [115.13.0-3] - Update to 115.13.0 build5 [115.13.0-2] - Update to 115.13.0 build3 [115.13.0-1] - Update to 115.13.0 build1 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Crucial notifications concerning Oracle Linux 9 Thunderbird, detailed in advisory ELSA-2024-4624, include significant security improvements and corrections.. Oracle Linux Updates, Thunderbird Security, Linux Security Advisory. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 19, 2024 Important Oracle
217

Oracle Linux 9 ELSA-2024-2758 moderate: Kernel update and security threats

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-2758 http://linux.oracle.com/errata/ELSA-2024-2758.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: bpftool-7.3.0-427.16.1.el9_4.x86_64.rpm kernel-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-abi-stablelists-5.14.0-427.16.1.el9_4.noarch.rpm kernel-core-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-debug-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-debug-core-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-debug-devel-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-debug-devel-matched-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-debug-modules-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-debug-modules-core-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-debug-modules-extra-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-devel-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-devel-matched-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-doc-5.14.0-427.16.1.el9_4.noarch.rpm kernel-headers-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-modules-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-modules-core-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-modules-extra-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-tools-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-tools-libs-5.14.0-427.16.1.el9_4.x86_64.rpm perf-5.14.0-427.16.1.el9_4.x86_64.rpm python3-perf-5.14.0-427.16.1.el9_4.x86_64.rpm rtla-5.14.0-427.16.1.el9_4.x86_64.rpm rv-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-cross-headers-5.14.0-427.16.1.el9_4.x86_64.rpm kernel-tools-libs-devel-5.14.0-427.16.1.el9_4.x86_64.rpm libperf-5.14.0-427.16.1.el9_4.x86_64.rpm aarch64: bpftool-7.3.0-427.16.1.el9_4.aarch64.rpm kernel-headers-5.14.0-427.16.1.el9_4.aarch64.rpm kernel-tools-5.14.0-427.16.1.el9_4.aarch64.rpm kernel-tools-libs-5.14.0-427.16.1.el9_4.aarch64.rpm perf-5.14.0-427.16.1.el9_4.aarch64.rpm python3-perf-5.14.0-427.16.1.el9_4.aarch64.rpm kernel-cross-headers-5.14.0-427.16.1.el9_4.aarch64.rpm kernel-tools-libs-devel-5.14.0-427.16.1.el9_4.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//kernel-5.14.0-427.16.1.el9_4.src.rpm Related CVEs: CVE-2023-6240 CVE-2024-25742 CVE-2024-25743 Description of changes: [5.14.0-427.16.1.el9_4.OL9] - Disable UKI signing [Orabug: 36571828] - Update Oracle Linux certificates (Kevin Lyons) - Disable signingfor aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64

Calendar%202 May 14, 2024 Oracle
219

Rocky Linux 9 RLSA-2024:0950 important: PostgreSQL security threat

Important: postgresql:15 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2024:0950", "synopsis": "Important: postgresql:15 security update", "severity": "SEVERITY_IMPORTANT", "topic": "An update is available for module.pgaudit, pgaudit, module.pg_repack, module.postgres-decoderbufs, pg_repack, postgres-decoderbufs.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nSecurity Fix(es):\n\n* postgresql: non-owner 'REFRESH MATERIALIZED VIEW CONCURRENTLY' executes arbitrary SQL (CVE-2024-0985)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2263384", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2263384", "description": ""}], "cves": [{"name": "CVE-2024-0985", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-0985", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}], "references": [], "publishedAt": "2024-03-12T15:42:50.027135Z", "rpms": {"Rocky Linux 9": {"nvras": ["pgaudit-0:1.7.0-1.module+el9.2.0+14925+a515b28a.ppc64le.rpm", "pgaudit-0:1.7.0-1.module+el9.2.0+14925+a515b28a.src.rpm", "pgaudit-0:1.7.0-1.module+el9.2.0+14925+a515b28a.x86_64.rpm", "pgaudit-debuginfo-0:1.7.0-1.module+el9.2.0+14925+a515b28a.ppc64le.rpm", "pgaudit-debuginfo-0:1.7.0-1.module+el9.2.0+14925+a515b28a.x86_64.rpm", "pgaudit-debugsource-0:1.7.0-1.module+el9.2.0+14925+a515b28a.ppc64le.rpm", "pgaudit-debugsource-0:1.7.0-1.module+el9.2.0+14925+a515b28a.x86_64.rpm", "pg_repack-0:1.4.8-1.module+el9.2.0+14925+a515b28a.ppc64le.rpm","pg_repack-0:1.4.8-1.module+el9.2.0+14925+a515b28a.src.rpm", "pg_repack-0:1.4.8-1.module+el9.2.0+14925+a515b28a.x86_64.rpm", "pg_repack-debuginfo-0:1.4.8-1.module+el9.2.0+14925+a515b28a.ppc64le.rpm", "pg_repack-debuginfo-0:1.4.8-1.module+el9.2.0+14925+a515b28a.x86_64.rpm", "pg_repack-debugsource-0:1.4.8-1.module+el9.2.0+14925+a515b28a.ppc64le.rpm", "pg_repack-debugsource-0:1.4.8-1.module+el9.2.0+14925+a515b28a.x86_64.rpm", "postgres-decoderbufs-0:1.9.7-1.Final.module+el9.2.0+14925+a515b28a.ppc64le.rpm", "postgres-decoderbufs-0:1.9.7-1.Final.module+el9.2.0+14925+a515b28a.src.rpm", "postgres-decoderbufs-0:1.9.7-1.Final.module+el9.2.0+14925+a515b28a.x86_64.rpm", "postgres-decoderbufs-debuginfo-0:1.9.7-1.Final.module+el9.2.0+14925+a515b28a.ppc64le.rpm", "postgres-decoderbufs-debuginfo-0:1.9.7-1.Final.module+el9.2.0+14925+a515b28a.x86_64.rpm", "postgres-decoderbufs-debugsource-0:1.9.7-1.Final.module+el9.2.0+14925+a515b28a.ppc64le.rpm", "postgres-decoderbufs-debugsource-0:1.9.7-1.Final.module+el9.2.0+14925+a515b28a.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. A crucial patch for PostgreSQL 15 on Rocky Linux tackling critical risks and weaknesses has been released.. PostgreSQL Security Update, Rocky Linux Advisory, Database Threat Management. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Mar 12, 2024 Important Rocky Linux
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200