Alerts This Week
Warning Icon 1 659
Alerts This Week
Warning Icon 1 659

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -3 articles for you...
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisoryupdatesoftware fix

Mageia 8: MGASA-2021-0383 Moderate Update for perl-Mojolicious Session

This update backports some significant security fixes relating to session security from the upstream 9.19 release. See upstream references for more informations. . MGASA-2021-0383 - Updated perl-Mojolicious package fixes security vulnerability Publication date: 27 Jul 2021 URL: https://advisories.mageia.org/MGASA-2021-0383.html Type: security Affected Mageia releases: 8 This update backports some significant security fixes relating to session security from the upstream 9.19 release. See upstream references for more informations. References: - https://bugs.mageia.org/show_bug.cgi?id=29242 - https://github.com/mojolicious/mojo/pull/1791 - https://github.com/mojolicious/mojo/commit/3f10b6af0271c4b5b589d2d9c31ea43c8e9087d6 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/LLJACE25ITC4DPORQVHAWJ7E7EOYEQEV/ SRPMS: - 8/core/perl-Mojolicious-8.700.0-1.1.mga8 . Mageia 2021-0384 enhances perl-Dancer for improved session integrity with upstream enhancements from version 1.351.. Mageia Security Update, Session Security Fix, Perl-Mojolicious, Upstream Backport. . LinuxSecurity.com Team

Calendar 2 Jul 27, 2021 Mageia
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorysoftware updateFedora

Fedora 34: FEDORA-2021-5bbf51d86d Security Advisory for Mojolicious

This update backports some significant security fixes relating to session security from the upstream 9.19 release. See https://github.com/mojolicious/mojo/pull/1791 and https://github.com/mojolicious /mojo/commit/3f10b6af0271c4b5b589d2d9c31ea43c8e9087d6 for more details. Please restart any running services that use Mojolicious after installing the update.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-5bbf51d86d 2021-07-09 01:00:53.185892 --------------------------------------------------------------------------------Name : perl-Mojolicious Product : Fedora 34 Version : 8.73 Release : 2.fc34 URL : https://metacpan.org/dist/Mojolicious Summary : A next generation web framework for Perl Description : Back in the early days of the web there was this wonderful Perl library called CGI, many people only learned Perl because of it. It was simple enough to get started without knowing much about the language and powerful enough to keep you going, learning by doing was much fun. While most of the techniques used are outdated now, the idea behind it is not. Mojolicious is a new attempt at implementing this idea using state of the art technology. --------------------------------------------------------------------------------Update Information: This update backports some significant security fixes relating to session security from the upstream 9.19 release. See https://github.com/mojolicious/mojo/pull/1791 and https://github.com/mojolicious /mojo/commit/3f10b6af0271c4b5b589d2d9c31ea43c8e9087d6 for more details. Please restart any running services that use Mojolicious after installing the update. --------------------------------------------------------------------------------ChangeLog: * Wed Jun 30 2021 Adam Williamson - 8.73-2 - Backport session security fixes from 9.19 --------------------------------------------------------------------------------This update can be installed with the"dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-5bbf51d86d' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Critical session security patches applied to perl-Mojolicious in Fedora. Ensure to restart services post-installation.. Fedora, mojolicious, perl new features, software fixes. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jul 08, 2021 Important Fedora
Banner 1 1028x280 1708121660 1771599717
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorysoftware updateFedora

Fedora 33: 2021-eee91f69df Critical: Mojolicious Session Security Update

This update backports some significant security fixes relating to session security from the upstream 9.19 release. See https://github.com/mojolicious/mojo/pull/1791 and https://github.com/mojolicious /mojo/commit/3f10b6af0271c4b5b589d2d9c31ea43c8e9087d6 for more details. Please restart any running services that use Mojolicious after installing the update.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-eee91f69df 2021-07-09 00:45:55.174288 --------------------------------------------------------------------------------Name : perl-Mojolicious Product : Fedora 33 Version : 8.73 Release : 2.fc33 URL : https://metacpan.org/dist/Mojolicious Summary : A next generation web framework for Perl Description : Back in the early days of the web there was this wonderful Perl library called CGI, many people only learned Perl because of it. It was simple enough to get started without knowing much about the language and powerful enough to keep you going, learning by doing was much fun. While most of the techniques used are outdated now, the idea behind it is not. Mojolicious is a new attempt at implementing this idea using state of the art technology. --------------------------------------------------------------------------------Update Information: This update backports some significant security fixes relating to session security from the upstream 9.19 release. See https://github.com/mojolicious/mojo/pull/1791 and https://github.com/mojolicious /mojo/commit/3f10b6af0271c4b5b589d2d9c31ea43c8e9087d6 for more details. Please restart any running services that use Mojolicious after installing the update. --------------------------------------------------------------------------------ChangeLog: * Wed Jun 30 2021 Adam Williamson - 8.73-2 - Backport session security fixes from 9.19 --------------------------------------------------------------------------------This update can be installed with the"dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-eee91f69df' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . This release introduces crucial backported security enhancements for Mojolicious within Fedora 33, significantly strengthening session protections.. Mojolicious Framework, Fedora Updates, Session Security, Security Fixes, Perl Web Applications. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jul 08, 2021 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorycriticalFedora

Fedora 23: lxdm Update Critical Local User X Connection Risk

A bug is reported that session opened via LXDM allows any local users to connect X. This new package should fix this issue.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-44deee4d7a 2015-11-01 01:51:21.180829 -------------------------------------------------------------------------------- Name : lxdm Product : Fedora 23 Version : 0.5.1 Release : 7.D20151007gite8f38708.fc23 URL : Summary : Lightweight X11 Display Manager Description : LXDM is the future display manager of LXDE, the Lightweight X11 Desktop environment. It is designed as a lightweight alternative to replace GDM or KDM in LXDE distros. It's still in very early stage of development. -------------------------------------------------------------------------------- Update Information: A bug is reported that session opened via LXDM allows any local users to connect X. This new package should fix this issue. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1268900 - lxdm: X server started without -auth, exposing it to connections form any local user https://bugzilla.redhat.com/show_bug.cgi?id=1268900 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update lxdm' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . The LXDM software update enhances the security of Fedora 23 bypreventing unauthorized local user access to X server connections.. Fedora 23 LXDM,Solution Local Access,Secure Update,Display Manager Fix. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Nov 01, 2015 Critical Fedora
Banner 1 1028x280 1708121660 1771599717
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryRed Hat Enterprise Linuxmoderate severity

Red Hat Enterprise Linux 3/4 RHSA-2010:0163 Moderate: OpenSSL Issue

Updated openssl packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: openssl security update Advisory ID: RHSA-2010:0163-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2010:0163.html Issue date: 2010-03-25 CVE Names: CVE-2009-0590 CVE-2009-2409 CVE-2009-3555 ==================================================================== 1. Summary: Updated openssl packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general purpose cryptography library. A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handled sessionrenegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session (for example, an HTTPS connection to a website). This could force the server to process an attacker's request as if authenticated using the victim's credentials. This update addresses this flaw by implementing the TLS Renegotiation Indication Extension, as defined in RFC 5746. (CVE-2009-3555) Refer to the following Knowledgebase article for additional details about the CVE-2009-3555 flaw: Dan Kaminsky found that browsers could accept certificates with MD2 hash signatures, even though MD2 is no longer considered a cryptographically strong algorithm. This could make it easier for an attacker to create a malicious certificate that would be treated as trusted by a browser. OpenSSL now disables the use of the MD2 algorithm inside signatures by default. (CVE-2009-2409) An input validation flaw was found in the handling of the BMPString and UniversalString ASN1 string types in OpenSSL's ASN1_STRING_print_ex() function. An attacker could use this flaw to create a specially-crafted X.509 certificate that could cause applications using the affected function to crash when printing certificate contents. (CVE-2009-0590) Note: The affected function is rarely used. No application shipped with Red Hat Enterprise Linux calls this function, for example. All OpenSSL users should upgrade to these updated packages, which contain backported patches to resolve these issues. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at 5. Bugs fixed (http://bugzilla.redhat.com/): 492304 - CVE-2009-0590 openssl: ASN1 printing crash 510197 - CVE-2009-2409 deprecate MD2 in SSL cert validation(Kaminsky) 533125 - CVE-2009-3555 TLS: MITM attacks via session renegotiation 6. Package List: Red Hat Enterprise Linux AS version 3: Source: i386: openssl-0.9.7a-33.26.i386.rpm openssl-0.9.7a-33.26.i686.rpm openssl-debuginfo-0.9.7a-33.26.i386.rpm openssl-debuginfo-0.9.7a-33.26.i686.rpm openssl-devel-0.9.7a-33.26.i386.rpm openssl-perl-0.9.7a-33.26.i386.rpm ia64: openssl-0.9.7a-33.26.i686.rpm openssl-0.9.7a-33.26.ia64.rpm openssl-debuginfo-0.9.7a-33.26.i686.rpm openssl-debuginfo-0.9.7a-33.26.ia64.rpm openssl-devel-0.9.7a-33.26.ia64.rpm openssl-perl-0.9.7a-33.26.ia64.rpm ppc: openssl-0.9.7a-33.26.ppc.rpm openssl-0.9.7a-33.26.ppc64.rpm openssl-debuginfo-0.9.7a-33.26.ppc.rpm openssl-debuginfo-0.9.7a-33.26.ppc64.rpm openssl-devel-0.9.7a-33.26.ppc.rpm openssl-perl-0.9.7a-33.26.ppc.rpm s390: openssl-0.9.7a-33.26.s390.rpm openssl-debuginfo-0.9.7a-33.26.s390.rpm openssl-devel-0.9.7a-33.26.s390.rpm openssl-perl-0.9.7a-33.26.s390.rpm s390x: openssl-0.9.7a-33.26.s390.rpm openssl-0.9.7a-33.26.s390x.rpm openssl-debuginfo-0.9.7a-33.26.s390.rpm openssl-debuginfo-0.9.7a-33.26.s390x.rpm openssl-devel-0.9.7a-33.26.s390x.rpm openssl-perl-0.9.7a-33.26.s390x.rpm x86_64: openssl-0.9.7a-33.26.i686.rpm openssl-0.9.7a-33.26.x86_64.rpm openssl-debuginfo-0.9.7a-33.26.i686.rpm openssl-debuginfo-0.9.7a-33.26.x86_64.rpm openssl-devel-0.9.7a-33.26.x86_64.rpm openssl-perl-0.9.7a-33.26.x86_64.rpm Red Hat Desktop version 3: Source: i386: openssl-0.9.7a-33.26.i386.rpm openssl-0.9.7a-33.26.i686.rpm openssl-debuginfo-0.9.7a-33.26.i386.rpm openssl-debuginfo-0.9.7a-33.26.i686.rpm openssl-devel-0.9.7a-33.26.i386.rpm openssl-perl-0.9.7a-33.26.i386.rpm x86_64: openssl-0.9.7a-33.26.i686.rpm openssl-0.9.7a-33.26.x86_64.rpm openssl-debuginfo-0.9.7a-33.26.i686.rpm openssl-debuginfo-0.9.7a-33.26.x86_64.rpm openssl-devel-0.9.7a-33.26.x86_64.rpm openssl-perl-0.9.7a-33.26.x86_64.rpm Red Hat Enterprise Linux ES version3: Source: i386: openssl-0.9.7a-33.26.i386.rpm openssl-0.9.7a-33.26.i686.rpm openssl-debuginfo-0.9.7a-33.26.i386.rpm openssl-debuginfo-0.9.7a-33.26.i686.rpm openssl-devel-0.9.7a-33.26.i386.rpm openssl-perl-0.9.7a-33.26.i386.rpm ia64: openssl-0.9.7a-33.26.i686.rpm openssl-0.9.7a-33.26.ia64.rpm openssl-debuginfo-0.9.7a-33.26.i686.rpm openssl-debuginfo-0.9.7a-33.26.ia64.rpm openssl-devel-0.9.7a-33.26.ia64.rpm openssl-perl-0.9.7a-33.26.ia64.rpm x86_64: openssl-0.9.7a-33.26.i686.rpm openssl-0.9.7a-33.26.x86_64.rpm openssl-debuginfo-0.9.7a-33.26.i686.rpm openssl-debuginfo-0.9.7a-33.26.x86_64.rpm openssl-devel-0.9.7a-33.26.x86_64.rpm openssl-perl-0.9.7a-33.26.x86_64.rpm Red Hat Enterprise Linux WS version 3: Source: i386: openssl-0.9.7a-33.26.i386.rpm openssl-0.9.7a-33.26.i686.rpm openssl-debuginfo-0.9.7a-33.26.i386.rpm openssl-debuginfo-0.9.7a-33.26.i686.rpm openssl-devel-0.9.7a-33.26.i386.rpm openssl-perl-0.9.7a-33.26.i386.rpm ia64: openssl-0.9.7a-33.26.i686.rpm openssl-0.9.7a-33.26.ia64.rpm openssl-debuginfo-0.9.7a-33.26.i686.rpm openssl-debuginfo-0.9.7a-33.26.ia64.rpm openssl-devel-0.9.7a-33.26.ia64.rpm openssl-perl-0.9.7a-33.26.ia64.rpm x86_64: openssl-0.9.7a-33.26.i686.rpm openssl-0.9.7a-33.26.x86_64.rpm openssl-debuginfo-0.9.7a-33.26.i686.rpm openssl-debuginfo-0.9.7a-33.26.x86_64.rpm openssl-devel-0.9.7a-33.26.x86_64.rpm openssl-perl-0.9.7a-33.26.x86_64.rpm Red Hat Enterprise Linux AS version4: Source: i386: openssl-0.9.7a-43.17.el4_8.5.i386.rpm openssl-0.9.7a-43.17.el4_8.5.i686.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.i386.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.i686.rpm openssl-devel-0.9.7a-43.17.el4_8.5.i386.rpm openssl-perl-0.9.7a-43.17.el4_8.5.i386.rpm ia64: openssl-0.9.7a-43.17.el4_8.5.i686.rpm openssl-0.9.7a-43.17.el4_8.5.ia64.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.i686.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.ia64.rpm openssl-devel-0.9.7a-43.17.el4_8.5.ia64.rpm openssl-perl-0.9.7a-43.17.el4_8.5.ia64.rpm ppc: openssl-0.9.7a-43.17.el4_8.5.ppc.rpm openssl-0.9.7a-43.17.el4_8.5.ppc64.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.ppc.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.ppc64.rpm openssl-devel-0.9.7a-43.17.el4_8.5.ppc.rpm openssl-devel-0.9.7a-43.17.el4_8.5.ppc64.rpm openssl-perl-0.9.7a-43.17.el4_8.5.ppc.rpm s390: openssl-0.9.7a-43.17.el4_8.5.s390.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.s390.rpm openssl-devel-0.9.7a-43.17.el4_8.5.s390.rpm openssl-perl-0.9.7a-43.17.el4_8.5.s390.rpm s390x: openssl-0.9.7a-43.17.el4_8.5.s390.rpm openssl-0.9.7a-43.17.el4_8.5.s390x.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.s390.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.s390x.rpm openssl-devel-0.9.7a-43.17.el4_8.5.s390.rpm openssl-devel-0.9.7a-43.17.el4_8.5.s390x.rpm openssl-perl-0.9.7a-43.17.el4_8.5.s390x.rpm x86_64: openssl-0.9.7a-43.17.el4_8.5.i686.rpm openssl-0.9.7a-43.17.el4_8.5.x86_64.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.i386.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.i686.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.x86_64.rpm openssl-devel-0.9.7a-43.17.el4_8.5.i386.rpm openssl-devel-0.9.7a-43.17.el4_8.5.x86_64.rpm openssl-perl-0.9.7a-43.17.el4_8.5.x86_64.rpm Red Hat Enterprise Linux Desktop version4: Source: i386: openssl-0.9.7a-43.17.el4_8.5.i386.rpm openssl-0.9.7a-43.17.el4_8.5.i686.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.i386.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.i686.rpm openssl-devel-0.9.7a-43.17.el4_8.5.i386.rpm openssl-perl-0.9.7a-43.17.el4_8.5.i386.rpm x86_64: openssl-0.9.7a-43.17.el4_8.5.i686.rpm openssl-0.9.7a-43.17.el4_8.5.x86_64.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.i386.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.i686.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.x86_64.rpm openssl-devel-0.9.7a-43.17.el4_8.5.i386.rpm openssl-devel-0.9.7a-43.17.el4_8.5.x86_64.rpm openssl-perl-0.9.7a-43.17.el4_8.5.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: i386: openssl-0.9.7a-43.17.el4_8.5.i386.rpm openssl-0.9.7a-43.17.el4_8.5.i686.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.i386.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.i686.rpm openssl-devel-0.9.7a-43.17.el4_8.5.i386.rpm openssl-perl-0.9.7a-43.17.el4_8.5.i386.rpm ia64: openssl-0.9.7a-43.17.el4_8.5.i686.rpm openssl-0.9.7a-43.17.el4_8.5.ia64.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.i686.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.ia64.rpm openssl-devel-0.9.7a-43.17.el4_8.5.ia64.rpm openssl-perl-0.9.7a-43.17.el4_8.5.ia64.rpm x86_64: openssl-0.9.7a-43.17.el4_8.5.i686.rpm openssl-0.9.7a-43.17.el4_8.5.x86_64.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.i386.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.i686.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.x86_64.rpm openssl-devel-0.9.7a-43.17.el4_8.5.i386.rpm openssl-devel-0.9.7a-43.17.el4_8.5.x86_64.rpm openssl-perl-0.9.7a-43.17.el4_8.5.x86_64.rpm Red Hat Enterprise Linux WS version4: Source: i386: openssl-0.9.7a-43.17.el4_8.5.i386.rpm openssl-0.9.7a-43.17.el4_8.5.i686.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.i386.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.i686.rpm openssl-devel-0.9.7a-43.17.el4_8.5.i386.rpm openssl-perl-0.9.7a-43.17.el4_8.5.i386.rpm ia64: openssl-0.9.7a-43.17.el4_8.5.i686.rpm openssl-0.9.7a-43.17.el4_8.5.ia64.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.i686.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.ia64.rpm openssl-devel-0.9.7a-43.17.el4_8.5.ia64.rpm openssl-perl-0.9.7a-43.17.el4_8.5.ia64.rpm x86_64: openssl-0.9.7a-43.17.el4_8.5.i686.rpm openssl-0.9.7a-43.17.el4_8.5.x86_64.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.i386.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.i686.rpm openssl-debuginfo-0.9.7a-43.17.el4_8.5.x86_64.rpm openssl-devel-0.9.7a-43.17.el4_8.5.i386.rpm openssl-devel-0.9.7a-43.17.el4_8.5.x86_64.rpm openssl-perl-0.9.7a-43.17.el4_8.5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://access.redhat.com/security/cve/CVE-2009-0590 https://access.redhat.com/security/cve/CVE-2009-2409 https://access.redhat.com/security/cve/CVE-2009-3555 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2010 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFLq0FMXlSAg2UNWIIRAkUBAJ9U9UK/AKGkp6C6aKNiju/0H85ncACff/Ik XNkd/Dl7OFXMXyyM51/Tb50=6XPJ -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Newly released OpenSSL updates address moderate vulnerabilities on Red Hat Enterprise Linux versions 3 and 4. Find out more.. OpenSSL Security, Linux Update, Red Hat Patching, Security Advisory. . LinuxSecurity.com Team

Calendar 2 Mar 25, 2010 Red Hat
99
Ls Advisories Slackware Esm H240
Price Tag 1security advisorybuffer overflowcritical

Slackware 10.2: 2006-217-01 Critical Update for PHP Buffer Overflow

New php packages are available for Slackware 10.2 and -current to fix security and other issues. More details about these issues may be found on the PHP website: . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] php (SSA:2006-217-01) New php packages are available for Slackware 10.2 and -current to fix security and other issues. More details about these issues may be found on the PHP website: https://www.php.net/ Here are the details from the Slackware 10.2 ChangeLog: +--------------------------+ patches/packages/php-4.4.3-i486-1_slack10.2.tgz: Upgraded to php-4.4.3. From the announcement of the release: The security issues resolved include the following: * Disallow certain characters in session names. * Fixed a buffer overflow inside the wordwrap() function. * Prevent jumps to parent directory via the 2nd parameter of the tempnam() function. * Improved safe_mode check for the error_log() function. * Fixed cross-site scripting inside the phpinfo() function. The PHP 4.4.3 release announcement may be found on their web site: https://www.php.net/ (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Updated package for Slackware 10.2: Updated package for Slackware -current: MD5 signatures: +-------------+ Slackware 10.2 package: 417d976f97a53240868e5c715f1ba00b php-4.4.3-i486-1_slack10.2.tgz Slackware -current package: 713b87c55978e85275c27e720c595ef4 php-4.4.3-i486-1.tgz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg php-4.4.3-i486-1_slack10.2.tgz +-----+ . Recent updates to PHP packages on Slackware address critical security vulnerabilities such as buffer overflow threats and cross-site scripting (XSS) weaknesses.. PHP Packages, Security Updates, Slackware Critical Fixes. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Aug 05, 2006 Critical Slackware
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here