Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 5 articles for you...
202
security advisorymoderate severityvulnerabilityopenSUSE 2023:0405-1 moderate: fish shell expansion fix
An update that fixes one vulnerability is now available. . openSUSE Security Update: Security update for fish ______________________________________________________________________________ Announcement ID: openSUSE-SU-2023:0404-1 Rating: moderate References: #1217808 Cross-References: CVE-2023-49284 CVSS scores: CVE-2023-49284 (NVD) : 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H CVE-2023-49284 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L Affected Products: openSUSE Backports SLE-15-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for fish fixes the following issues: - CVE-2023-49284: Fixed shell expansion triggered by command substitution output (boo#1217808). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP4: zypper in -t patch openSUSE-2023-404=1 Package List: - openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64): fish-3.3.1-bp154.3.3.1 fish-devel-3.3.1-bp154.3.3.1 References: https://www.suse.com/security/cve/CVE-2023-49284.html https://bugzilla.suse.com/1217808 . Tackles a significant fish shell flaw in Debian. Upgrade now to safeguard your platform from shell risks.. openSUSE Security,Fish Update,Shell Expansion Fix. . LinuxSecurity.com Team
Dec 16, 2023
OpenSUSE
202
security advisorymoderate severitysecurity patchopenSUSE: 2023:0405-1 moderate: fish shell expansion fix
An update that fixes one vulnerability is now available. . openSUSE Security Update: Security update for fish ______________________________________________________________________________ Announcement ID: openSUSE-SU-2023:0405-1 Rating: moderate References: #1217808 Cross-References: CVE-2023-49284 CVSS scores: CVE-2023-49284 (NVD) : 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H CVE-2023-49284 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L Affected Products: openSUSE Backports SLE-15-SP5 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for fish fixes the following issues: - CVE-2023-49284: Fixed shell expansion triggered by command substitution output (boo#1217808). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP5: zypper in -t patch openSUSE-2023-405=1 Package List: - openSUSE Backports SLE-15-SP5 (aarch64 i586 ppc64le s390x x86_64): fish-3.3.1-bp155.4.3.1 fish-devel-3.3.1-bp155.4.3.1 References: https://www.suse.com/security/cve/CVE-2023-49284.html https://bugzilla.suse.com/1217808 . The latest openSUSE upgrade tackles a significant security flaw within the fish shell. Ensure you implement this update to bolster your system's protection.. openSUSE Fish Update, Security Patch, Command Substitution Fix. . LinuxSecurity.com Team
Dec 16, 2023
OpenSUSE
98
security advisoryRed Hatsecurity fixRed Hat 8.2 RHSA-2022:0184-01 Important: gegl04 Shell Issue
An update for gegl04 is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: gegl04 security update Advisory ID: RHSA-2022:0184-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:0184 Issue date: 2022-01-19 CVE Names: CVE-2021-45463 ==================================================================== 1. Summary: An update for gegl04 is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder EUS (v. 8.2) - ppc64le, x86_64 Red Hat Enterprise Linux AppStream EUS (v. 8.2) - ppc64le, x86_64 3. Description: GEGL (Generic Graphics Library) is a graph-based image processing framework. Security Fix(es): * gegl: shell expansion via a crafted pathname (CVE-2021-45463) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2035383 - CVE-2021-45463 gegl: shell expansion via a crafted pathname 6. Package List: Red Hat Enterprise Linux AppStream EUS (v.8.2): Source: gegl04-0.4.4-6.el8_2.1.src.rpm ppc64le: gegl04-0.4.4-6.el8_2.1.ppc64le.rpm gegl04-debuginfo-0.4.4-6.el8_2.1.ppc64le.rpm gegl04-debugsource-0.4.4-6.el8_2.1.ppc64le.rpm gegl04-tools-debuginfo-0.4.4-6.el8_2.1.ppc64le.rpm x86_64: gegl04-0.4.4-6.el8_2.1.i686.rpm gegl04-0.4.4-6.el8_2.1.x86_64.rpm gegl04-debuginfo-0.4.4-6.el8_2.1.i686.rpm gegl04-debuginfo-0.4.4-6.el8_2.1.x86_64.rpm gegl04-debugsource-0.4.4-6.el8_2.1.i686.rpm gegl04-debugsource-0.4.4-6.el8_2.1.x86_64.rpm gegl04-tools-debuginfo-0.4.4-6.el8_2.1.i686.rpm gegl04-tools-debuginfo-0.4.4-6.el8_2.1.x86_64.rpm Red Hat CodeReady Linux Builder EUS (v. 8.2): ppc64le: gegl04-debuginfo-0.4.4-6.el8_2.1.ppc64le.rpm gegl04-debugsource-0.4.4-6.el8_2.1.ppc64le.rpm gegl04-devel-0.4.4-6.el8_2.1.ppc64le.rpm gegl04-tools-debuginfo-0.4.4-6.el8_2.1.ppc64le.rpm x86_64: gegl04-debuginfo-0.4.4-6.el8_2.1.i686.rpm gegl04-debuginfo-0.4.4-6.el8_2.1.x86_64.rpm gegl04-debugsource-0.4.4-6.el8_2.1.i686.rpm gegl04-debugsource-0.4.4-6.el8_2.1.x86_64.rpm gegl04-devel-0.4.4-6.el8_2.1.i686.rpm gegl04-devel-0.4.4-6.el8_2.1.x86_64.rpm gegl04-tools-debuginfo-0.4.4-6.el8_2.1.i686.rpm gegl04-tools-debuginfo-0.4.4-6.el8_2.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2021-45463 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYegFoNzjgjWX9erEAQg3dhAAlmSoZX8SticIWah2N2iSK57wz6Naq5/R IZPZvpfyG4xSB/IJN0rSZrNvRsP4weQbvze1uSwWj7vb6TMzC7oUDejneUdNCInC CKn/fCKbP9ljPUw/aAXxc+55NtgnO/pi0D85lc3rugHmyCHli8Adp1xUybrfTAuO WoXQNVNGoqjLIlihIGn/y7Np2vCK/L6LJ07w0BZoEb20gZqq3TUXAfSba9L80uht ZsnE85Ics/m+IUzoOaSgJBYW8Wy97LT5foRdwlnxeT3zTxpKzPr2aa+M8cuAShB0 Yc/Xb/jbCzrJq26Mlb4FQjxYM/wBtz4+9JkwWPYTZrwIJg3fxMFYc8rdhSwWrINz DseCeLncGZzt2K9CJ+ak/F+/vsU5CAVaXNOGR6HxEX3QyV8fZp7EPAwFOd/+nSHV TmdgfbX23Wdn6hh4q7SsZCfXQIaaZWnFfosFsdKaVE3tzN2hGtF8DLZW7CwJ2DGB THs0SA8nefQgux6cQ/xuuOEF1BVwlLtTTm2UDavJfezCfJJTcKtCcTC9redXmmAW VZSN4CjzrKs+2jOp9sSfj4URu2pJXo03Sq3Nzzm8Qpwpcd4p7uJN6G151uT74AC0 H11EWKFVBIoMCTEU5fYqfCx0RynVB7Ac9kZKR9x2kfJUuIh6PZZs+rYagu6/GUDo JT3GqetQPLU=UwAJ -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Jan 19, 2022
•Important
Red Hat
98
security advisoryRed Hat Enterprise Linuximportant updateRed Hat Enterprise Linux 8: RHSA-2022-0177-02 Important: Shell Expansion
An update for gegl04 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: gegl04 security update Advisory ID: RHSA-2022:0177-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:0177 Issue date: 2022-01-19 CVE Names: CVE-2021-45463 ==================================================================== 1. Summary: An update for gegl04 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat CodeReady Linux Builder (v. 8) - ppc64le, x86_64 Red Hat Enterprise Linux AppStream (v. 8) - ppc64le, x86_64 3. Description: GEGL (Generic Graphics Library) is a graph-based image processing framework. Security Fix(es): * gegl: shell expansion via a crafted pathname (CVE-2021-45463) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2035383 - CVE-2021-45463 gegl: shell expansion via a crafted pathname 6. Package List: Red Hat Enterprise Linux AppStream (v.8): Source: gegl04-0.4.4-6.el8_5.2.src.rpm ppc64le: gegl04-0.4.4-6.el8_5.2.ppc64le.rpm gegl04-debuginfo-0.4.4-6.el8_5.2.ppc64le.rpm gegl04-debugsource-0.4.4-6.el8_5.2.ppc64le.rpm gegl04-tools-debuginfo-0.4.4-6.el8_5.2.ppc64le.rpm x86_64: gegl04-0.4.4-6.el8_5.2.i686.rpm gegl04-0.4.4-6.el8_5.2.x86_64.rpm gegl04-debuginfo-0.4.4-6.el8_5.2.i686.rpm gegl04-debuginfo-0.4.4-6.el8_5.2.x86_64.rpm gegl04-debugsource-0.4.4-6.el8_5.2.i686.rpm gegl04-debugsource-0.4.4-6.el8_5.2.x86_64.rpm gegl04-tools-debuginfo-0.4.4-6.el8_5.2.i686.rpm gegl04-tools-debuginfo-0.4.4-6.el8_5.2.x86_64.rpm Red Hat CodeReady Linux Builder (v. 8): ppc64le: gegl04-debuginfo-0.4.4-6.el8_5.2.ppc64le.rpm gegl04-debugsource-0.4.4-6.el8_5.2.ppc64le.rpm gegl04-devel-0.4.4-6.el8_5.2.ppc64le.rpm gegl04-tools-debuginfo-0.4.4-6.el8_5.2.ppc64le.rpm x86_64: gegl04-debuginfo-0.4.4-6.el8_5.2.i686.rpm gegl04-debuginfo-0.4.4-6.el8_5.2.x86_64.rpm gegl04-debugsource-0.4.4-6.el8_5.2.i686.rpm gegl04-debugsource-0.4.4-6.el8_5.2.x86_64.rpm gegl04-devel-0.4.4-6.el8_5.2.i686.rpm gegl04-devel-0.4.4-6.el8_5.2.x86_64.rpm gegl04-tools-debuginfo-0.4.4-6.el8_5.2.i686.rpm gegl04-tools-debuginfo-0.4.4-6.el8_5.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2021-45463 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYegFVdzjgjWX9erEAQgekQ//cMQEZVSjqDw+upgNa5YJ0hBOCojOAv2K f9S7qRP505rSA9hyqL139RuvrPqsjWFq4dYjpEPcyG5ASzY6FY3g3WQD6dVjGh2k cZekOV0zCNVFPAZhcXyqOd39FmnpOQNyOXPIQ0nqHLQKdidebvEOn8Jqi/upin0W 9X5tUDimVZdbkGXuk+uRojnU4iu2jt75ahrIAemPzDUfIFZFDJwMf3qI2A7/b6iz 006CXD6zoe9eXLLQj+BrWyCP3Rt/0fv1EqDPSP14h1kaThOWG/uY4B51J69oLhZG THIo5bI+KC+Zs0KNNcE5lMyB2j+ReuNDZSYScwnYUEAKaxtysJUOhFd/6DJ4ZqZ2 pdl1kw3pv2OjZpaj9bp8cGnVHUcDpFkxczdzFc9ULvNk3w1511ZQ7bLBEbP3nmxF 9i7rS7dK13tV7ieKuEHLD1rYafY+ZMkihG7MHRKSz+clJ7xB6Ps2JK95FsfVANsu qHJrtePUaT3Mq+5DM66N+OHO2zBY+ieyhS4iCoTxCXd7bVIwp+7fEeCudAlHYURl V/TJKN3y7raGJRObyC1I6etJbXt/QW6dsgMPdzJgFnGRDcv7xSoX6YU1hC31yPJx OF7aFDLgVey4WzrzaYbdcnm8lhFXsrZ2zv7M74IZQL93cbyWkZ6kBozzvzm3RdGB aE+G2r/qMo0=lKsf -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Jan 19, 2022
•Important
Red Hat
200
security advisorycriticalsecurity fixScientific Linux SL7 SLSA-2022:0162-1 Critical: gegl Shell Expansion
gegl: shell expansion via a crafted pathname (CVE-2021-45463) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 gegl-0.2.0-19.el7_9.1.i686.rpm gegl-0.2.0-19.el7_9.1.x86_64.rpm gegl-debuginfo-0.2.0-19.el7_9.1.i686.rpm gegl-debuginfo-0.2.0-19.el7_9.1.x86_64.rpm gegl [More...]. Synopsis: Important: gegl security update Advisory ID: SLSA-2022:0162-1 Issue Date: 2022-01-18 CVE Numbers: CVE-2021-45463 -- Security Fix(es): * gegl: shell expansion via a crafted pathname (CVE-2021-45463) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE -- SL7 x86_64 gegl-0.2.0-19.el7_9.1.i686.rpm gegl-0.2.0-19.el7_9.1.x86_64.rpm gegl-debuginfo-0.2.0-19.el7_9.1.i686.rpm gegl-debuginfo-0.2.0-19.el7_9.1.x86_64.rpm gegl-devel-0.2.0-19.el7_9.1.i686.rpm gegl-devel-0.2.0-19.el7_9.1.x86_64.rpm - Scientific Linux Development Team . Crucial security patch released for gegl on Scientific Linux SL7.x targeting vulnerabilities in shell expansion.. Critical Update, gegl Security, Scientific Linux, Shell Expansion. . Severity: Critical. LinuxSecurity.com Team
Jan 18, 2022
•Critical
Scientific Linux
98
security advisoryRed Hat Enterprise LinuximportantRed Hat Enterprise Linux 7 RHSA-2022-0162 Important: gegl Shell Expansion
An update for gegl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: gegl security update Advisory ID: RHSA-2022:0162-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:0162 Issue date: 2022-01-18 CVE Names: CVE-2021-45463 ==================================================================== 1. Summary: An update for gegl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: GEGL (Generic Graphics Library) is a graph-based image processing framework. Security Fix(es): * gegl: shell expansion via a crafted pathname (CVE-2021-45463) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, referto: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2035383 - CVE-2021-45463 gegl: shell expansion via a crafted pathname 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: gegl-0.2.0-19.el7_9.1.src.rpm x86_64: gegl-0.2.0-19.el7_9.1.i686.rpm gegl-0.2.0-19.el7_9.1.x86_64.rpm gegl-debuginfo-0.2.0-19.el7_9.1.i686.rpm gegl-debuginfo-0.2.0-19.el7_9.1.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: gegl-debuginfo-0.2.0-19.el7_9.1.i686.rpm gegl-debuginfo-0.2.0-19.el7_9.1.x86_64.rpm gegl-devel-0.2.0-19.el7_9.1.i686.rpm gegl-devel-0.2.0-19.el7_9.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: gegl-0.2.0-19.el7_9.1.src.rpm ppc64le: gegl-0.2.0-19.el7_9.1.ppc64le.rpm gegl-debuginfo-0.2.0-19.el7_9.1.ppc64le.rpm x86_64: gegl-0.2.0-19.el7_9.1.i686.rpm gegl-0.2.0-19.el7_9.1.x86_64.rpm gegl-debuginfo-0.2.0-19.el7_9.1.i686.rpm gegl-debuginfo-0.2.0-19.el7_9.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): Source: gegl-0.2.0-19.el7_9.1.src.rpm ppc64: gegl-0.2.0-19.el7_9.1.ppc.rpm gegl-0.2.0-19.el7_9.1.ppc64.rpm gegl-debuginfo-0.2.0-19.el7_9.1.ppc.rpm gegl-debuginfo-0.2.0-19.el7_9.1.ppc64.rpm gegl-devel-0.2.0-19.el7_9.1.ppc.rpm gegl-devel-0.2.0-19.el7_9.1.ppc64.rpm ppc64le: gegl-debuginfo-0.2.0-19.el7_9.1.ppc64le.rpm gegl-devel-0.2.0-19.el7_9.1.ppc64le.rpm s390x: gegl-0.2.0-19.el7_9.1.s390.rpm gegl-0.2.0-19.el7_9.1.s390x.rpm gegl-debuginfo-0.2.0-19.el7_9.1.s390.rpm gegl-debuginfo-0.2.0-19.el7_9.1.s390x.rpm gegl-devel-0.2.0-19.el7_9.1.s390.rpm gegl-devel-0.2.0-19.el7_9.1.s390x.rpm x86_64: gegl-debuginfo-0.2.0-19.el7_9.1.i686.rpm gegl-debuginfo-0.2.0-19.el7_9.1.x86_64.rpm gegl-devel-0.2.0-19.el7_9.1.i686.rpm gegl-devel-0.2.0-19.el7_9.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: gegl-0.2.0-19.el7_9.1.src.rpm x86_64: gegl-0.2.0-19.el7_9.1.i686.rpm gegl-0.2.0-19.el7_9.1.x86_64.rpm gegl-debuginfo-0.2.0-19.el7_9.1.i686.rpm gegl-debuginfo-0.2.0-19.el7_9.1.x86_64.rpm Red Hat Enterprise LinuxWorkstation Optional (v. 7): x86_64: gegl-debuginfo-0.2.0-19.el7_9.1.i686.rpm gegl-debuginfo-0.2.0-19.el7_9.1.x86_64.rpm gegl-devel-0.2.0-19.el7_9.1.i686.rpm gegl-devel-0.2.0-19.el7_9.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-45463 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYecC7tzjgjWX9erEAQhnZg/9FgKvBb+LlU4aklmU0egHgcJqI+5SG+Dw 2713+apMcu7GOJc2JA+IurLBamGeCF6U4rbIPUK5Uhoo33LS0oxzFzdwxlMjDtBi QFOkNf/aqwtSSYHuUkvgFqUR3g4bCFoj/RXQYhYcTY/4R5W5Oi6JcDEAEMTZkD1M 3I+cYC6ndtXZ6Tv3Ru+2z/B4P2G1q12ATuxyacug5vWch6ztEMO4zqDjR72lyZfU Cnq0d7ZPN7LnqrfxkHf9y45DFTdhwVPN5Pec1qrgjbPv8xTPRxNr5Tq7Djq7Q2k6 CMwW9tO/ieWG/WxY6sWM9GlBU2pHT0sT9WDGsqaGsEcJHJ2uAvPyujtNvdD9L7DB Oj0+sc8/vYcHp7j6M/F5QBqX+fgvRn/ErA5o2HxBvlksjLRKlg7pnIixYTy35wad XsqP12Q7f2p11nH8JFiZUeQBRzCe0iLfd5IxYm7kXKyJn/oYhluhY0QSrn+wbClG bVQ7x+5ABhv1m9JfXkJxKeDPFaSzpH+zUVnaDX+LtLc9T9L/XiYqnGQtuj+VxGQx bYhWC6mGjhR3TOolTAbYYTMQS1AbfDZi5Dc3V3ARwBK7fBEB+Yx6fktF3KuSyN5O 1k+tTE0b2Rlivvdr9mE2OUNPWLxoxneFc1d6Y/MrobAjRWJpD+DjxBs1WFAQBll+ CCWeUVax3B0=wmPa -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Jan 18, 2022
•Important
Red Hat
89
security advisoryfedoraupdateFedora: 34 FEDORA-2022-5b5a738d7a Critical: gegl04 Shell Expansion
Security fix for CVE-2021-45463. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-5b5a738d7a 2022-01-13 00:59:17.610300 --------------------------------------------------------------------------------Name : gegl04 Product : Fedora 34 Version : 0.4.34 Release : 1.fc34 URL : https://www.gegl.org/ Summary : Graph based image processing framework Description : GEGL (Generic Graphics Library) is a graph based image processing framework. GEGLs original design was made to scratch GIMP's itches for a new compositing and processing core. This core is being designed to have minimal dependencies and a simple well defined API. --------------------------------------------------------------------------------Update Information: Security fix for CVE-2021-45463 --------------------------------------------------------------------------------ChangeLog: * Tue Jan 4 2022 Josef Ridky - 0.4.34-1 - New upstream release 0.4.34 - Fix CVE-2021-45463 --------------------------------------------------------------------------------References: [ 1 ] Bug #2035383 - CVE-2021-45463 gegl: shell expansion via a crafted pathname https://bugzilla.redhat.com/show_bug.cgi?id=2035383 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-5b5a738d7a' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Jan 12, 2022
•Critical
Fedora
89
security advisorycritical issueFedoraFedora 35 GEGL04 Critical Shell Expansion Advisory: FEDORA-2022-a1c5b18362
Security fix for CVE-2021-45463. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-a1c5b18362 2022-01-08 01:18:41.488553 --------------------------------------------------------------------------------Name : gegl04 Product : Fedora 35 Version : 0.4.34 Release : 1.fc35 URL : https://www.gegl.org/ Summary : Graph based image processing framework Description : GEGL (Generic Graphics Library) is a graph based image processing framework. GEGLs original design was made to scratch GIMP's itches for a new compositing and processing core. This core is being designed to have minimal dependencies and a simple well defined API. --------------------------------------------------------------------------------Update Information: Security fix for CVE-2021-45463 --------------------------------------------------------------------------------ChangeLog: * Tue Jan 4 2022 Josef Ridky - 0.4.34-1 - New upstream release 0.4.34 - Fix CVE-2021-45463 --------------------------------------------------------------------------------References: [ 1 ] Bug #2035383 - CVE-2021-45463 gegl: shell expansion via a crafted pathname https://bugzilla.redhat.com/show_bug.cgi?id=2035383 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-a1c5b18362' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Jan 07, 2022
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!