Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisorygentooarbitrary code execution

Gentoo: GLSA-201903-02 Normal: Zsh Arbitrary Code Execution Risk

Input validation errors in Zsh could result in arbitrary code execution.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201903-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Zsh: User-assisted execution of arbitrary code Date: March 10, 2019 Bugs: #665278 ID: 201903-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Input validation errors in Zsh could result in arbitrary code execution. Background ========= A shell designed for interactive use, although it is also a powerful scripting language. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-shells/zsh < 5.6 > = 5.6 Description ========== Two input validation errors have been discovered in how Zsh parses scripts: * Parsing a malformed shebang line could cause Zsh to call a program listed in the second line (CVE-2018-0502) * Shebang lines longer than 64 characters are truncated (CVE-2018-13259) Impact ===== An attacker could entice a user to execute a specially crafted script using Zsh, possibly resulting in execution of arbitrary code with the privileges of the process. Workaround ========= There is no known workaround at this time. Resolution ========= All Zsh users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =app-shells/zsh-5.6" References ========= [ 1 ] CVE-2018-0502 https://nvd.nist.gov/vuln/detail/CVE-2018-0502 [ 2 ] CVE-2018-13259 https://nvd.nist.gov/vuln/detail/CVE-2018-13259 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201903-02 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2019 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . Vulnerabilities in Zsh's input handling expose systems to potential code execution threats. To mitigate risks, ensure you are running the most recent version.. Input Validation, Zsh Security, Gentoo Advisory, Code Execution, Shell Vulnerability. . LinuxSecurity.com Team

Calendar 2 Mar 10, 2019 Gentoo
87
Ls Advisories Debian Esm H240
Price Tag 1security advisoryremote accessDebian

Debian: 2.1 Security Advisory: ipopd Remote Shell Access Exploit

We have received reports that the version of the imap suite in Debian GNU/Linux 2.1 has a vulnerability in its POP-2 daemon, which can be found in the ipopd package. Using this vulnerability it is possible for remote users to get a shell as user "nobody" on the server. . -----BEGIN PGP SIGNED MESSAGE----- We have received reports that the version of the imap suite in Debian GNU/Linux 2.1 has a vulnerability in its POP-2 daemon, which can be found in the ipopd package. Using this vulnerability it is possible for remote users to get a shell as user "nobody" on the server. We recommend you upgrade your ipopd package immediately. wget url will fetch the file for you dpkg -i file.deb will install the referenced file. Debian GNU/Linux 2.1 alias slink - -------------------------------- This version of Debian was released only for Intel, the Motorola 680x0, the alpha and the Sun sparc architecture. Source archives: -0slink2.diff.gz MD5 checksum: 606f893869069eee68f4c1e31392af29 - 0slink2.dsc MD5 checksum: 93ed80a3619586ff9f3246003aca2448 MD5 checksum: 59afe4be5fcd17c20d241633a4a3d0ac Sun Sparc architecture: sparc/c-client-dev_4.5-0slink2_sparc.deb MD5 checksum: 2de5363a3ea9f27c1aa064c3102567cc sparc/imap_4.5-0slink2_sparc.deb MD5 checksum: 87638b6ad06094f30ff6d2dddfd10b8b sparc/ipopd_4.5-0slink2_sparc.deb MD5 checksum: aa6621e2f7e2df751489c397e9e169a8 Intel ia32 architecture: i386/c- client-dev_4.5-0slink2_i386.deb MD5 checksum: fd92656c7281a4d8322b6da1285475cd i386/imap_4.5-0slink2_i386.deb MD5 checksum: c92eaece7e431c84708909362afad07d i386/ipopd_4.5-0slink2_i386.deb MD5 checksum: 29685847b0eef8307383a428b1d02be2 Motorola 680x0 architecture: m68k/c- client-dev_4.5-0slink2_m68k.deb MD5 checksum: eeab449299e9f2d3fc97db69110b4432 m68k/imap_4.5-0slink2_m68k.deb MD5 checksum: 4bd0fbaa392b6013f6caa33b04578764 m68k/ipopd_4.5-0slink2_m68k.deb MD5 checksum: d43f502971afc531923903f3ac7b5b3f Alpha architecture: alpha/c-client-dev_4.5-0slink2_alpha.deb MD5 checksum: 6732ae9495ee29590ed85cc482fbda97 alpha/imap_4.5-0slink2_alpha.deb MD5 checksum: d0ee05b972d5d1bc1d066e2bae4d8c8b alpha/ipopd_4.5-0slink2_alpha.deb MD5 checksum: 89c3931092537d0eb23fb50fa57f1bb0 These files will be copied into soon. Please note you can also use apt to always get the latest security updates. To do so add the following line to /etc/apt/sources.list: deb debian stable updates - -- Debian GNU/Linux . Security Managers . This email address is being protected from spambots. You need JavaScript enabled to view it. This email address is being protected from spambots. You need JavaScript enabled to view it. Christian Hudon . Wichert Akkerman . Martin Schulze . . -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: noconv iQB1AwUBN1sKgajZR/ntlUftAQGqlgL/d+dzjkxSf0bVDuFmWmeMgH9UxhpJXAwV 0EAtFEY7oRyNpiRLHojnJ48sPviIetVsojHsz9w4uh787skIUJYdFTJN+/O+kxLq TeF2k+ESbtLJav5QCnVrR7CfiIhYMLgx =Z3ew -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- We have received reports that the version of the imap suite in De. received, reports, version, suite, debian, gnu/linux, vulnerabil. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Dec 13, 1999 Important Debian
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here