Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian LTS openssl Important Use-After-Free NULL Pointer Issues DLA-4624-1

Calendar White Jun 09, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 alsa-lib Important Denial of Service Fix USN-8044-2

Calendar White Jun 09, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS node-shell-quote Important Denial of Service CVE-2026-9277

Calendar White Jun 09, 2026
Important
Mageia Large Esm H800
Mageia

Mageia 9 Suricata Critical Performance Security Issues MGASA-2026-0181

Calendar White Jun 09, 2026
Critical
Mageia Large Esm H900
Mageia

Mageia 9 PackageKit Important TOCTOU Race Escalation CVE-2026-41651

Calendar White Jun 09, 2026
Important
Mageia Large Esm H900
Mageia

Mageia 9 Unbound Critical Remote Code Execution Advisory 2026-0034

Calendar White Jun 09, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 26.04 LTS Netatalk Multiple Security Issues USN-8395-1

Calendar White Jun 09, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 43 mingw-objfw 1.5.5 Update Security Fix FEDORA-2026-de23fedf3e

Calendar White Jun 08, 2026
Fedora Large Esm H900
Fedora

Fedora 43 objfw Important Update 1.5.5 Bug Fixes June 2026

Calendar White Jun 08, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryred hatpatch

Red Hat OpenShift 2.2.9 Advisory RHSA-2023:4623-01 Important: Envoy Issues

Red Hat OpenShift Service Mesh 2.2.9 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: Red Hat OpenShift Service Mesh 2.2.9 security update Advisory ID: RHSA-2023:4623-01 Product: Red Hat OpenShift Service Mesh Advisory URL: https://access.redhat.com/errata/RHSA-2023:4623 Issue date: 2023-08-11 CVE Names: CVE-2023-27487 CVE-2023-27488 CVE-2023-27491 CVE-2023-27492 CVE-2023-27493 CVE-2023-27496 ===================================================================== 1. Summary: Red Hat OpenShift Service Mesh 2.2.9 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation. Security Fix(es): * envoy: Client may fake the header `x-envoy-original-path` (CVE-2023-27487) * envoy: envoy doesn't escape HTTP header values (CVE-2023-27493) * envoy: gRPC client produces invalid protobuf when an HTTP header with non-UTF8 value is received (CVE-2023-27488) * envoy: Envoy forwards invalid HTTP/2 and HTTP/3 downstream (CVE-2023-27491) * envoy: Crash when a large request body is processed in Lua filter (CVE-2023-27492) * envoy: Crash when a redirect url without a state param is received in the oauth filter (CVE-2023-27496) For more details about the security issue(s), including the impact, a CVSS score,acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 3. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 4. Bugs fixed (https://bugzilla.redhat.com/): 2179135 - CVE-2023-27487 envoy: Client may fake the header `x-envoy-original-path` 2179138 - CVE-2023-27491 envoy: Envoy forwards invalid HTTP/2 and HTTP/3 downstream 2179139 - CVE-2023-27492 envoy: Crash when a large request body is processed in Lua filter 2182155 - CVE-2023-27496 envoy: Crash when a redirect url without a state param is received in the oauth filter 2182156 - CVE-2023-27488 envoy: gRPC client produces invalid protobuf when an HTTP header with non-UTF8 value is received 2182158 - CVE-2023-27493 envoy: envoy doesn't escape HTTP header values 5. References: https://access.redhat.com/security/cve/CVE-2023-27487 https://access.redhat.com/security/cve/CVE-2023-27488 https://access.redhat.com/security/cve/CVE-2023-27491 https://access.redhat.com/security/cve/CVE-2023-27492 https://access.redhat.com/security/cve/CVE-2023-27493 https://access.redhat.com/security/cve/CVE-2023-27496 https://access.redhat.com/security/updates/classification/#important 6. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIcBAEBCAAGBQJk1pfaAAoJENzjgjWX9erE16UP/Az3YBHc2BsjRSY0/48IyI49 PZ8yFpBCQMocY7dnts48iFeeVZtQlFruLzOOvGWvaKyPCSiyC0XtTg/6sw71XCaf bpOsMXNV75ggf0tTO6JEgGqD326pdOnYqXMUfBnxvgtqQ/Ej1kyGCig+c7bEcvB0 l0m4NsAo224h8U33fnOPbgP/m/0elWCTcZbOUBLd+qRqwE9edZX4Chd+3l3pq5kg zJHLKHui/q+dAIqgsoK6CznTglUXuFQlYpu+vlAomrMGED7kx3t7QgttmhlL7krl rKIBgJml3nottyavLGmdCBiuklBlcNNV6LHZNkIEaIaH7Hlgbcb0AWHcOr97KXxQ K1ZpIdNOX0IDgltC3cGWbmiNmM45KSWKjCTUKXPiD0jlIxbuDIrqT25tOlNw4nRa R4hoiJUvUBl33zcg0q1JZmr9iYA7kKmrQUTgjMaFersmaeVaALBsmwdmTasaAsC0 jdNzrbRB2JCnozPUphYff6Zc0iIKKPmMKtAWDzdyor0eQ+7sPfXNyND2WC5OQtVS oLK/juc7CxQkMhOI09goLFMSUEO7czvKzdr5rzG8s1D7JHNtPLlCy2D0X4jAXIKD Ca53KIpxVrEUpmrApFvZscITKSyEGt0pouxEh2mFU6Op1ZcnONOeDXz7+KVfQTZZ 3+soC5oF43vm3/r9KJAz =xctn -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Critical update for Red Hat OpenShift Service Mesh 2.2.9 includes vital security enhancements and issue resolutions.. Red Hat OpenShift, Service Mesh, security update, critical patch. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Aug 11, 2023 Important Red Hat
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryRed Hatimportant

Red Hat OpenShift 2.0: RHSA-2021-2061 Important Authorization Bypass

An update for servicemesh is now available for OpenShift Service Mesh 2.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: Red Hat OpenShift Service Mesh 2.0.5 security update Advisory ID: RHSA-2021:2061-01 Product: Red Hat OpenShift Service Mesh Advisory URL: https://access.redhat.com/errata/RHSA-2021:2061 Issue date: 2021-05-20 CVE Names: CVE-2021-31921 ==================================================================== 1. Summary: An update for servicemesh is now available for OpenShift Service Mesh 2.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: 2.0 - ppc64le, s390x, x86_64 3. Description: Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Security Fix(es): * istio/istio: authorization bypass when using AUTO_PASSTHROUGH (CVE-2021-31921) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: The OpenShift Service Mesh release notes provide information on the features and known issues: esh-release-notes.html 5. Bugs fixed (https://bugzilla.redhat.com/): 1955396 - CVE-2021-31921 istio/istio: authorization bypass when using AUTO_PASSTHROUGH 6. PackageList: 2.0: Source: servicemesh-2.0.5-3.el8.src.rpm ppc64le: servicemesh-2.0.5-3.el8.ppc64le.rpm servicemesh-istioctl-2.0.5-3.el8.ppc64le.rpm servicemesh-mixc-2.0.5-3.el8.ppc64le.rpm servicemesh-mixs-2.0.5-3.el8.ppc64le.rpm servicemesh-pilot-agent-2.0.5-3.el8.ppc64le.rpm servicemesh-pilot-discovery-2.0.5-3.el8.ppc64le.rpm s390x: servicemesh-2.0.5-3.el8.s390x.rpm servicemesh-istioctl-2.0.5-3.el8.s390x.rpm servicemesh-mixc-2.0.5-3.el8.s390x.rpm servicemesh-mixs-2.0.5-3.el8.s390x.rpm servicemesh-pilot-agent-2.0.5-3.el8.s390x.rpm servicemesh-pilot-discovery-2.0.5-3.el8.s390x.rpm x86_64: servicemesh-2.0.5-3.el8.x86_64.rpm servicemesh-istioctl-2.0.5-3.el8.x86_64.rpm servicemesh-mixc-2.0.5-3.el8.x86_64.rpm servicemesh-mixs-2.0.5-3.el8.x86_64.rpm servicemesh-pilot-agent-2.0.5-3.el8.x86_64.rpm servicemesh-pilot-discovery-2.0.5-3.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2021-31921 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYKZEi9zjgjWX9erEAQhHkQ//fm7MMI9+tRp+hlFL5Ndr5YzdeqdbLOHS CVplVd9lwsITgbSFBZC+az8gUZ/b1Cn4nnNaL9fthvzz3MOfBcEkdAezQQyuHEZQ 9oVGSHSvI40bbmz6Bdv5btoGBSE7TTvmjH4rLRioT6UUUsm6SkBOmm+Pjr8vX3fU RXwGHUn7krAKypeisr5Dsw63ehTI2XWBQuFRJaJTAqEjvOIfJIMKWa1kvTxEWUKD Xs8nEbwKIOi27VPoJj2OjS2uFJF8NWJnxc5HPn4cWm/i7CvZcsun5/ZZa3eLWwZ/ LYpIienNGpGup1P1L4EPm9d8lG/41sLdE/j6R2tPa4LYHV4vRZoa9Fj68X+CuLbT 6+n0OYevsWo1g7C+jgKBgsCzsu6V+J/rcCY4g2Zl9RUTCrknlz7xcto20KhDuhPy WG9Xe87ka5GbExU25kh/uJj7rMR0aF4QyE8SngEo5azY/wOALaLN9Y8Wb2QADv7x 3M8NYonDmRuvVGoo/aMkLTESTTyUMvfdZlt+oy8wrNPL/OQHaU8JYQVDPQvFVESW PCEzElB/wzqxFIA12qJG+hkgkLmh/vDTOFQS6ZalxAgM2n5qECjWDW8GGFNiVfs5 BDlIQsDLPK2hDPKF3GVbvRqo/uAsp2ppC8UQkKli6u8hOVPlt0hldzRbALncsa/e Ei92hP0HvKU=kAXH -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://listman.redhat.com/mailman/listinfo/rhsa-announce . The latest update, version 2.0.5, for Red Hat OpenShift Service Mesh resolves a critical flaw in authorization mechanisms. Ensure your systems are protected!. OpenShift Service Mesh, Authorization Bypass, Red Hat Update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 May 20, 2021 Important Red Hat
Banner 4 1028x280 1708121825 1771600306
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here