Alerts This Week
Warning Icon 1 609
Alerts This Week
Warning Icon 1 609

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 44 Transmission 4.1.2 Important Clickjacking Fix CVE-2026-38978

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 libre 4.8.1 Critical Update Details for Real-Time Communication

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 NextCloud Update Denial of Service JSON Tampering 2026-30881a5be7

Calendar White Jun 05, 2026
Important
Fedora Large Esm H800
Fedora

Fedora 44 python-starlette Security Fix for CVE-2026-48710

Calendar White Jun 05, 2026
Critical
Fedora Large Esm H900
Fedora

Fedora 44 perl-Cpanel-JSON-XS Moderate Denial of Service CVE-2026-9516

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 rubygem-yard High Path Traversal Fix Vuln 2026-acefc1fe48

Calendar White Jun 05, 2026
high
Fedora Large Esm H800
Fedora

Fedora 44 Rust Sequoia Sop Low-Severity Fix Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-sq Low Threat Security Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-wot Low Severity Security Fix 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 0 articles for you...
217
Ls Advisories Oracle Esm H240
Price Tag 1security advisorymoderatesecurity fix

Oracle Linux 9 ELSA-2025-12834: python3.12-setuptools Moderate Fix

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-12834 http://linux.oracle.com/errata/ELSA-2025-12834.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: python3.12-setuptools-68.2.2-5.el9_6.noarch.rpm python3.12-setuptools-wheel-68.2.2-5.el9_6.noarch.rpm aarch64: python3.12-setuptools-68.2.2-5.el9_6.noarch.rpm python3.12-setuptools-wheel-68.2.2-5.el9_6.noarch.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/python3.12-setuptools-68.2.2-5.el9_6.src.rpm Related CVEs: CVE-2025-47273 Description of changes: [68.2.2-5] - Security fix for CVE-2025-47273 Resolves: RHEL-101118 _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . The latest python3.12-setuptools update for Oracle Linux 9 resolves significant security vulnerabilities. Ensure your system is protected with these critical updates.. Oracle Linux, Setuptools, Python 3.12, Security Advisory. . LinuxSecurity.com Team

Calendar 2 Aug 07, 2025 Oracle
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoraimportant

Fedora 41 Security Update: Important Python Setuptools Path Traversal

Security fix for CVE-2025-47273. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-1746085e78 2025-06-21 02:10:24.663234+00:00 -------------------------------------------------------------------------------- Name : python-setuptools Product : Fedora 41 Version : 69.2.0 Release : 10.fc41 URL : https://pypi.org/project/setuptools/ Summary : Easily build and distribute Python packages Description : Setuptools is a collection of enhancements to the Python distutils that allow you to more easily build and distribute Python packages, especially ones that have dependencies on other packages. This package also contains the runtime components of setuptools, necessary to execute the software that requires pkg_resources. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2025-47273 -------------------------------------------------------------------------------- ChangeLog: * Sun Jun 15 2025 Miro Hrončok - 69.2.0-10 - Security fix for CVE-2025-47273 - Fixes: rhbz#2372613 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2372613 - CVE-2025-47273 python-setuptools: Path Traversal Vulnerability in setuptools PackageIndex [fedora-41] https://bugzilla.redhat.com/show_bug.cgi?id=2372613 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-1746085e78' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Thelatest Fedora 41 release for python-setuptools tackles a significant security vulnerability recognized as CVE-2025-47273, which pertains to a path traversal issue.. Fedora 41, python setuptools, security fix, path traversal, CVE-2025-47273. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jun 21, 2025 Important Fedora
Banner 3 1028x280 1708121785 1771599793
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorysoftware updateremote code execution

Debian 11 Bullseye DLA-4183-1 Moderate: Setuptools Path Traversal Risk

A path traversal vulnerability in `PackageIndex` was found in setuptools. An attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code, which could escalate to remote code execution depending on the context. . From: Lee Garrett To: This email address is being protected from spambots. You need JavaScript enabled to view it. Subject: [SECURITY] [DLA 4183-1] setuptools security update - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4183-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Lee Garrett May 28, 2025 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : setuptools Version : 52.0.0-4+deb11u2 CVE ID : CVE-2025-47273 Debian Bug : 1105970 A path traversal vulnerability in `PackageIndex` was found in setuptools. An attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code, which could escalate to remote code execution depending on the context. For Debian 11 bullseye, this problem has been fixed in version 52.0.0-4+deb11u2. We recommend that you upgrade your setuptools packages. For the detailed security status of setuptools please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/setuptools Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Enhance setuptools to address a directory traversal vulnerability that may permit remote code execution on Debian-based platforms.. setuptools security, Debian LTS, path traversal risk. . LinuxSecurity.com Team

Calendar 2 May 28, 2025 Debian LTS
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorycriticalUbuntu

Ubuntu 24.04: USN-7002-1 Critical: Setuptools Remote Execution

setuptools could be made to crash or run programs if it received specially crafted network traffic.. ========================================================================== Ubuntu Security Notice USN-7002-1 September 12, 2024 python-setuptools, setuptools vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: setuptools could be made to crash or run programs if it received specially crafted network traffic. Software Description: - setuptools: Python Distutils Enhancements - python-setuptools: Python Distutils Enhancements Details: It was discovered that setuptools was vulnerable to remote code execution. An attacker could possibly use this issue to execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS python3-setuptools 68.1.2-2ubuntu1.1 Ubuntu 22.04 LTS pypy-setuptools 44.1.1-1.2ubuntu0.22.04.1+esm1 Available with Ubuntu Pro python-setuptools 44.1.1-1.2ubuntu0.22.04.1+esm1 Available with Ubuntu Pro python3-setuptools 59.6.0-1.2ubuntu0.22.04.2 Ubuntu 20.04 LTS pypy-setuptools 44.0.0-2ubuntu0.1+esm1 Available with Ubuntu Pro python-setuptools 44.0.0-2ubuntu0.1+esm1 Available with Ubuntu Pro python3-setuptools 45.2.0-1ubuntu0.2 Ubuntu 18.04 LTS pypy-setuptools 39.0.1-2ubuntu0.1+esm1 Available with Ubuntu Pro python-setuptools 39.0.1-2ubuntu0.1+esm1 Available withUbuntu Pro python3-setuptools 39.0.1-2ubuntu0.1+esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS pypy-setuptools 20.7.0-1ubuntu0.1~esm2 Available with Ubuntu Pro python-setuptools 20.7.0-1ubuntu0.1~esm2 Available with Ubuntu Pro python3-setuptools 20.7.0-1ubuntu0.1~esm2 Available with Ubuntu Pro Ubuntu 14.04 LTS python-setuptools 3.3-1ubuntu2+esm2 Available with Ubuntu Pro python3-setuptools 3.3-1ubuntu2+esm2 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7002-1 CVE-2024-6345 Package Information: https://launchpad.net/ubuntu/+source/setuptools/68.1.2-2ubuntu1.1 . Essential patches for python-setuptools alleviate vulnerabilities tied to remote execution threats stemming from malicious data packets. Safeguard your Ubuntu machines immediately.. setuptools update, Ubuntu security, Python software, remote execution, network vulnerability. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 12, 2024 Critical Ubuntu
Banner 3 1028x280 1708121785 1771599793
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorydenial of servicesecurity update

Debian: DLA-3876-1 Critical: Setuptools Denial of Service and Code Exec

Brief introduction CVE-2022-40897 . ------------------------------------------------------------------------- Debian LTS Advisory DLA-3876-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Daniel Leidert September 05, 2024 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : setuptools Version : 52.0.0-4+deb11u1 CVE ID : CVE-2022-40897 CVE-2024-6345 Debian Bug : Brief introduction CVE-2022-40897 setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py. CVE-2024-6345 A vulnerability in the package_index module allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. For Debian 11 bullseye, these problems have been fixed in version 52.0.0-4+deb11u1. We recommend that you upgrade your setuptools packages. For the detailed security status of setuptools please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/setuptools Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Update setuptools modules immediately to address severe security issues highlighted in the Debian LTS Advisory DLA-3876-1 released in September 2024.. Debian Setuptools Security, Remote Code Execution, Denial of Service, Security Updates. . Severity: Critical. LinuxSecurity.comTeam

Calendar 2 Sep 04, 2024 Critical Debian LTS
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisorydenial of servicegentoo

Gentoo GLSA 202405-10: Setuptools Denial Of Service Normal Severity

A vulnerability has been discovered in Setuptools, which can lead to denial of service.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202405-10 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Setuptools: Denial of Service Date: May 05, 2024 Bugs: #879813 ID: 202405-10 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== A vulnerability has been discovered in Setuptools, which can lead to denial of service. Background ========== Setuptools is a manager for Python packages. Affected packages ================= Package Vulnerable Unaffected --------------------- ------------ ------------ dev-python/setuptools < 65.5.1 > = 65.5.1 Description =========== A vulnerability has been discovered in Setuptools. See the impact field. Impact ====== An inefficiency in a regular expression may end in a denial of service if an user is fetching malicious HTML from a package in PyPI or a custom PackageIndex page. Workaround ========== There is no known workaround at this time. Resolution ========== All Setuptools users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =dev-python/setuptools-65.5.1" References ========== [ 1 ] CVE-2022-40897 https://nvd.nist.gov/vuln/detail/CVE-2022-40897 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202405-10 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you mayfile a bug at https://bugs.gentoo.org. License ======= Copyright 2024 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . Uncover the Gentoo GLSA 202405-10 notice about a Setuptools Denial of Service vulnerability along with steps for upgrading. Stay informed on potential risks and mitigation measures.. Setuptools Denial Service,Gentoo Security,Python Package Management. . LinuxSecurity.com Team

Calendar 2 May 05, 2024 Gentoo
Banner 3 1028x280 1708121785 1771599793
217
Ls Advisories Oracle Esm H240
Price Tag 1security advisorysecurity updateupdate

Oracle Linux 7 ELSA-2023-12348 Critical: Python3 Setuptools Security Fix

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2023-12348 https://linux.oracle.com/errata/ELSA-2023-12348.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: aarch64: python3-setuptools-39.2.0-10.0.1.el7.noarch.rpm SRPMS: https://oss.oracle.com:443/ol7/SRPMS-updates//python3-setuptools-39.2.0-10.0.1.el7.src.rpm Related CVEs: CVE-2022-40897 Description of changes: [39.2.0-10.0.1] - Back port fix for CVE-2022-40897 [Orabug: 35034581] _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux ELSA-2023-12349 presents essential updates, featuring crucial patches for Python3's pip tool.. Oracle Linux, Python3 Security Update, ELSA-2023-12348, Important Package Fix. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 May 24, 2023 Critical Oracle
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorydirectory traversalsecurity fix

openSUSE Leap 15.1: 2020:2185-1 Important: Directory Traversal Fix

An update that fixes one vulnerability is now available. . openSUSE Security Update: Security update for python-setuptools ______________________________________________________________________________ Announcement ID: openSUSE-SU-2020:2185-1 Rating: important References: #1176262 Cross-References: CVE-2019-20916 Affected Products: openSUSE Leap 15.1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for python-setuptools fixes the following issues: - Fixed a directory traversal in _download_http_url() (bsc#1176262 CVE-2019-20916) This update was imported from the SUSE:SLE-15-SP1:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2020-2185=1 Package List: - openSUSE Leap 15.1 (noarch): python2-setuptools-40.5.0-lp151.2.3.1 python2-setuptools-test-40.5.0-lp151.2.3.1 python2-setuptools-wheel-40.5.0-lp151.2.3.1 python3-setuptools-40.5.0-lp151.2.3.1 python3-setuptools-test-40.5.0-lp151.2.3.1 python3-setuptools-wheel-40.5.0-lp151.2.3.1 References: https://www.suse.com/security/cve/CVE-2019-20916.html https://bugzilla.suse.com/1176262 _______________________________________________ openSUSE Security Announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe, email This email address is being protected from spambots. You need JavaScript enabled to view it. List Netiquette: List Archives: . A crucial update is now available for python-setuptools addressing a directory traversal flaw in openSUSE Leap 15.1.. openSUSE Security Update, Python Setuptools Fix, Directory Traversal Issue. . Severity: Important.LinuxSecurity.com Team

Calendar 2 Dec 07, 2020 Important OpenSUSE
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here