xdg-dbus-proxy could be made to expose sensitive information.

==========================================================================
Ubuntu Security Notice USN-8167-1
April 13, 2026

xdg-dbus-proxy vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

xdg-dbus-proxy could be made to expose sensitive information.

Software Description:
- xdg-dbus-proxy: A filtering proxy for D-Bus connections

Details:

It was discovered that xdg-dbus-proxy incorrectly handled eavesdropping in policy rules. A local attacker could possibly use this issue to intercept certain D-Bus messages.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 25.10
  xdg-dbus-proxy 0.1.6-1ubuntu0.1

Ubuntu 24.04 LTS
  xdg-dbus-proxy 0.1.5-1ubuntu0.2

Ubuntu 22.04 LTS
  xdg-dbus-proxy 0.1.3-1ubuntu0.1

After a standard system update you need to restart your session to make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8167-1
  CVE-2026-34080

Package Information:
  https://launchpad.net/ubuntu/+source/xdg-dbus-proxy/0.1.6-1ubuntu0.1
  https://launchpad.net/ubuntu/+source/xdg-dbus-proxy/0.1.5-1ubuntu0.2
  https://launchpad.net/ubuntu/+source/xdg-dbus-proxy/0.1.3-1ubuntu0.1

Ubuntu 25.10, 24.04 LTS, 22.04 LTS xdg-dbus-proxy exposes sensitive data - update recommended.
xdg-dbus-proxy, Ubuntu, sensitive information, local attack, security update.
Severity: Important.
LinuxSecurity.com Team

WordPress 6.2.3 Security Release.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-c1535224de
2023-10-25 01:23:41.902221
--------------------------------------------------------------------------------

Name        : wordpress
Product     : Fedora 37
Version     : 6.2.3
Release     : 1.fc37
URL         : https://wordpress.org/
Summary     : Blog tool and publishing platform
Description :
Wordpress is an online publishing / weblog package that makes it very easy, almost trivial, to get information out to people on the web.

Important information in /usr/share/doc/wordpress/README.fedora

--------------------------------------------------------------------------------
Update Information:

WordPress 6.2.3 Security Release
--------------------------------------------------------------------------------
ChangeLog:

* Mon Oct 16 2023 Remi Collet - 6.2.3-1
- WordPress 6.2.3 Security Release
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2244113 - CVE-2023-39999 wordpress: potential sensitive information exposure from unauthorized actors
        https://bugzilla.redhat.com/show_bug.cgi?id=2244113
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-c1535224de' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------

CUPS could be made to expose sensitive information.

==========================================================================
Ubuntu Security Notice USN-6361-2
September 26, 2023

cups vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)

Summary:

CUPS could be made to expose sensitive information.

Software Description:
- cups: Common UNIX Printing System(tm)

Details:

USN-6361-1 fixed a vulnerability in CUPS. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.

Original advisory details:

It was discovered that CUPS incorrectly authenticated certain remote requests. A remote attacker could possibly use this issue to obtain recently printed documents.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
  cups 2.2.7-1ubuntu2.10+esm3

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
  cups 2.1.3-4ubuntu0.11+esm5

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6361-2
  CVE-2023-32360

Ubuntu Security Notice USN-6361-3 tackles a CUPS vulnerability that allows for potential data leaks.
CUPS Vulnerability, Ubuntu Security Update, Information Disclosure.
Severity: Critical.
LinuxSecurity.com Team

cryptsetup could be made to expose sensitive information.

=========================================================================
Ubuntu Security Notice USN-5286-1
February 15, 2022

cryptsetup vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 21.10
- Ubuntu 20.04 LTS

Summary:

cryptsetup could be made to expose sensitive information.

Software Description:
- cryptsetup: disk encryption support

Details:

Milan Broz discovered that cryptsetup incorrectly handled LUKS2 reencryption recovery. An attacker with physical access to modify the encrypted device header may trigger the device to be unencrypted the next time it is mounted by the user.

On Ubuntu 20.04 LTS, this issue was fixed by disabling the online reencryption feature.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 21.10:
  cryptsetup 2:2.3.7-0ubuntu0.21.10.1

Ubuntu 20.04 LTS:
  cryptsetup 2:2.2.2-3ubuntu2.4

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5286-1
  CVE-2021-4122

Package Information:
  https://launchpad.net/ubuntu/+source/cryptsetup/2:2.3.7-0ubuntu0.21.10.1
  https://launchpad.net/ubuntu/+source/cryptsetup/2:2.2.2-3ubuntu2.4

A flaw in Cryptsetup exposes confidential data on Ubuntu machines, signaling a major security threat.
Cryptsetup Vulnerability, Ubuntu Security Notice, Sensitive Information Exposure.
LinuxSecurity.com Team

An update that fixes 5 vulnerabilities is now available.

   SUSE Security Update: Security update for ansible
______________________________________________________________________________

Announcement ID:    SUSE-SU-2021:2121-1
Rating:             moderate
References:         #1180816 #1180942 #1181119 #1181935 #1183684
Cross-References:   CVE-2021-20178 CVE-2021-20180 CVE-2021-20191 CVE-2021-20228 CVE-2021-3447
CVSS scores:
                    CVE-2021-20178 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-20178 (SUSE): 5 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
                    CVE-2021-20180 (SUSE): 5 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
                    CVE-2021-20191 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-20191 (SUSE): 5 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
                    CVE-2021-20228 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-20228 (SUSE): 5 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
                    CVE-2021-3447 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-3447 (SUSE): 5 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Affected Products:
                    SUSE OpenStack Cloud Crowbar 8
                    SUSE OpenStack Cloud 8
                    HPE Helion Openstack 8
______________________________________________________________________________

   An update that fixes 5 vulnerabilities is now available.

Description:

   This update for ansible fixes the following issues:

   - Update to 2.9.22:
     - CVE-2021-3447: multiple modules expose secured values (bsc#1183684)
     - CVE-2021-20228: basic.py no_log with fallback option (bsc#1181935)
     - CVE-2021-20191: multiple collections exposes secured values (bsc#1181119)
     - CVE-2021-20180: bitbucket_pipeline_variable exposes sensitive values (bsc#1180942)
     - CVE-2021-20178: user data leak in snmp_facts module (bsc#1180816)

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE OpenStack Cloud Crowbar 8:

      zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2021-2121=1

   - SUSE OpenStack Cloud 8:

      zypper in -t patch SUSE-OpenStack-Cloud-8-2021-2121=1

   - HPE Helion Openstack 8:

      zypper in -t patch HPE-Helion-OpenStack-8-2021-2121=1

Package List:

   - SUSE OpenStack Cloud Crowbar 8 (x86_64):

      ansible-2.9.22-3.18.1

   - SUSE OpenStack Cloud 8 (x86_64):

      ansible-2.9.22-3.18.1

   - HPE Helion Openstack 8 (x86_64):

      ansible-2.9.22-3.18.1

References:

   https://www.suse.com/security/cve/CVE-2021-20178.html
   https://www.suse.com/security/cve/CVE-2021-20180.html
   https://www.suse.com/security/cve/CVE-2021-20191.html
   https://www.suse.com/security/cve/CVE-2021-20228.html
   https://www.suse.com/security/cve/CVE-2021-3447.html
   https://bugzilla.suse.com/1180816
   https://bugzilla.suse.com/1180942
   https://bugzilla.suse.com/1181119
   https://bugzilla.suse.com/1181935
   https://bugzilla.suse.com/1183684

The recent Ansible enhancement addresses a total of 5 vulnerabilities including unauthorized access and leakage of sensitive data. Implement the updates to strengthen system security.
Ansible Update, SUSE Security Patch, Sensitive Data Leak, OpenStack Security, Cybersecurity Fix.
LinuxSecurity.com Team

Chrony could be made to crash or expose sensitive information.

=========================================================================
Ubuntu Security Notice USN-4475-1
August 27, 2020

chrony vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Chrony could be made to crash or expose sensitive information.

Software Description:
- chrony: An implementation of the Network Time Protocol

Details:

It was discovered that Chrony incorrectly handled certain symbolic links. An attacker could possibly use this issue to cause a denial of service or expose sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS:
  chrony 3.5-6ubuntu6.2

Ubuntu 18.04 LTS:
  chrony 3.2-4ubuntu4.5

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-4475-1
  CVE-2020-14367

Package Information:
  https://launchpad.net/ubuntu/+source/chrony/3.5-6ubuntu6.2
  https://launchpad.net/ubuntu/+source/chrony/3.2-4ubuntu4.5

Ubuntu's Chrony may face vulnerabilities that risk system stability or data leaks. Ensure safety by updating your software immediately.
Chrony Vulnerability, Ubuntu Security Update, Denial of Service, Sensitive Information Exposure.
Severity: Critical.
LinuxSecurity.com Team

curl could be made to expose sensitive information over the network.

=========================================================================
Ubuntu Security Notice USN-4466-1
August 19, 2020

curl vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

curl could be made to expose sensitive information over the network.

Software Description:
- curl: HTTP, HTTPS, and FTP client and client libraries

Details:

Marc Aldorasi discovered that curl incorrectly handled the libcurl CURLOPT_CONNECT_ONLY option. This could result in data being sent to the wrong destination, possibly exposing sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS:
  curl 7.68.0-1ubuntu2.2
  libcurl3-gnutls 7.68.0-1ubuntu2.2
  libcurl3-nss 7.68.0-1ubuntu2.2
  libcurl4 7.68.0-1ubuntu2.2

Ubuntu 18.04 LTS:
  curl 7.58.0-2ubuntu3.10
  libcurl3-gnutls 7.58.0-2ubuntu3.10
  libcurl3-nss 7.58.0-2ubuntu3.10
  libcurl4 7.58.0-2ubuntu3.10

Ubuntu 16.04 LTS:
  curl 7.47.0-1ubuntu2.16
  libcurl3 7.47.0-1ubuntu2.16
  libcurl3-gnutls 7.47.0-1ubuntu2.16
  libcurl3-nss 7.47.0-1ubuntu2.16

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-4466-1
  CVE-2020-8231

Package Information:
  https://launchpad.net/ubuntu/+source/curl/7.68.0-1ubuntu2.2
  https://launchpad.net/ubuntu/+source/curl/7.58.0-2ubuntu3.10
  https://launchpad.net/ubuntu/+source/curl/7.47.0-1ubuntu2.16

Critical vulnerability in curl on Ubuntu, potentially leaking confidential information during network communications. Immediate upgrade advised.
curl vulnerability, Ubuntu security, network exposure.
Severity: Critical.
LinuxSecurity.com Team

Whoopsie could be made to crash or expose sensitive information if it processed a specially crafted crash report.

=========================================================================
Ubuntu Security Notice USN-4052-1
July 09, 2019

whoopsie vulnerability
=========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 19.04
- Ubuntu 18.10
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

Whoopsie could be made to crash or expose sensitive information if it processed a specially crafted crash report.

Software Description:
- whoopsie: Ubuntu error tracker submission

Details:

Kevin Backhouse discovered Whoopsie incorrectly handled very large crash reports. A local attacker could possibly use this issue to cause a denial of service or expose sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04:
  libwhoopsie0 0.2.64ubuntu0.1
  whoopsie 0.2.64ubuntu0.1

Ubuntu 18.10:
  libwhoopsie0 0.2.62ubuntu1
  whoopsie 0.2.62ubuntu1

Ubuntu 18.04 LTS:
  libwhoopsie0 0.2.62ubuntu0.1
  whoopsie 0.2.62ubuntu0.1

Ubuntu 16.04 LTS:
  libwhoopsie0 0.2.52.5ubuntu0.1
  whoopsie 0.2.52.5ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-4052-1
  CVE-2019-11476

Package Information:
  https://launchpad.net/ubuntu/+source/whoopsie/0.2.64ubuntu0.1
  https://launchpad.net/ubuntu/+source/whoopsie/0.2.62ubuntu1
  https://launchpad.net/ubuntu/+source/whoopsie/0.2.62ubuntu0.1
  https://launchpad.net/ubuntu/+source/whoopsie/0.2.52.5ubuntu0.1

An oversight flaw in Ubuntu may result in system failures or leakage of confidential information; patches have been released.
whoopsie security, Ubuntu vulnerability, denial of service, sensitive information leak.
LinuxSecurity.com Team
