Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 488
Alerts This Week
Warning Icon 1 488

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 51 articles for you...
100

openSUSE Important Wicked Remote Command Injection Advisory 2026-2353-1

An update that solves one vulnerability and contains one feature can now be installed.. # Security update for wicked Announcement ID: SUSE-SU-2026:2353-1 Release Date: 2026-06-10T14:55:06Z Rating: important References: * bsc#1265221 * jsc#PED-1942 Cross-References: * CVE-2026-44932 CVSS scores: * CVE-2026-44932 ( SUSE ): 5.8 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H * CVE-2026-44932 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and contains one feature can now be installed. ## Description: This update for wicked fixes the following issues: * CVE-2026-44932: Fixed indirect remote shell command injection via unsanitized DHCP options (bsc#1265221). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2026-2353=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2353=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2353=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2353=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2353=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patchSUSE-SLE-Product-SLES_SAP-15-SP5-2026-2353=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * wicked-debugsource-0.6.79-150500.3.42.1 * wicked-nbft-0.6.79-150500.3.42.1 * wicked-0.6.79-150500.3.42.1 * wicked-debuginfo-0.6.79-150500.3.42.1 * wicked-service-0.6.79-150500.3.42.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * wicked-0.6.79-150500.3.42.1 * wicked-service-0.6.79-150500.3.42.1 * wicked-debugsource-0.6.79-150500.3.42.1 * wicked-debuginfo-0.6.79-150500.3.42.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * wicked-debugsource-0.6.79-150500.3.42.1 * wicked-nbft-0.6.79-150500.3.42.1 * wicked-0.6.79-150500.3.42.1 * wicked-debuginfo-0.6.79-150500.3.42.1 * wicked-service-0.6.79-150500.3.42.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * wicked-debugsource-0.6.79-150500.3.42.1 * wicked-nbft-0.6.79-150500.3.42.1 * wicked-0.6.79-150500.3.42.1 * wicked-debuginfo-0.6.79-150500.3.42.1 * wicked-service-0.6.79-150500.3.42.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * wicked-debugsource-0.6.79-150500.3.42.1 * wicked-nbft-0.6.79-150500.3.42.1 * wicked-0.6.79-150500.3.42.1 * wicked-debuginfo-0.6.79-150500.3.42.1 * wicked-service-0.6.79-150500.3.42.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * wicked-debugsource-0.6.79-150500.3.42.1 * wicked-nbft-0.6.79-150500.3.42.1 * wicked-0.6.79-150500.3.42.1 * wicked-debuginfo-0.6.79-150500.3.42.1 * wicked-service-0.6.79-150500.3.42.1 ## References: * https://www.suse.com/security/cve/CVE-2026-44932.html * https://bugzilla.suse.com/show_bug.cgi?id=1265221 * https://jira.suse.com/browse/PED-1942 . An important security update for wicked addresses a remote command injection flaw. Install to enhance system safety.. SUSE Wicked Update, Remote Command Injection,OpenSUSE Security. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 10, 2026 Important SuSE
91

Gentoo: GLSA-202506-12 critical: JSON-LibJSON code execution

A vulnerability has been discovered in YAML-LibYAML, which can lead to shell injection.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202506-11 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: YAML-LibYAML: Shell injection Date: June 12, 2025 Bugs: #949498 ID: 202506-11 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== A vulnerability has been discovered in YAML-LibYAML, which can lead to shell injection. Background ========== YAML-LibYAML provides YAML Serialization using XS and libyaml for Perl. Affected packages ================= Package Vulnerable Unaffected --------------------- ------------ ------------ dev-perl/YAML-LibYAML < 0.903.0 > = 0.903.0 Description =========== YAML-LibYAML uses the legacy '2-arg' open() call which is susceptible to shell injection via malicious filenames. Impact ====== Shell injection may be used to execute arbitrary code using a malicious filename. Workaround ========== There is no known workaround at this time. Resolution ========== All YAML-LibYAML users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =dev-perl/YAML-LibYAML-0.903.0" References ========== [ 1 ] CVE-2025-40908 https://nvd.nist.gov/vuln/detail/CVE-2025-40908 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202506-11 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file abug at https://bugs.gentoo.org. License ======= Copyright 2025 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . Upgrade LibYAML on Gentoo immediately to patch a shell command injection vulnerability in current versions and protect against security risks by installing the latest release.. YAML-LibYAML, security advisory, shell injection. . LinuxSecurity.com Team

Calendar%202 Jun 12, 2025 Gentoo
91

Gentoo: GLSA-202506-10 normal: File-Find-Rule Shell Injection Advisory

A vulnerability has been discovered in File-Find-Rule, which can lead to shell injection.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202506-10 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: File-Find-Rule: Shell Injection Date: June 12, 2025 Bugs: #957182 ID: 202506-10 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== A vulnerability has been discovered in File-Find-Rule, which can lead to shell injection. Background ========== File-Find-Rule is an alternative interface to File::Find. Affected packages ================= Package Vulnerable Unaffected ----------------------- ------------ ------------ dev-perl/File-Find-Rule < 0.350.0 > = 0.350.0 Description =========== File-Find-Rule uses the legacy '2-arg' open() call which is susceptible to shell injection via malicious filenames. Impact ====== Shell injection may be used to execute arbitrary code using a malicious filename. Workaround ========== There is no known workaround at this time. Resolution ========== All File-Find-Rule users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =dev-perl/File-Find-Rule-0.350.0" References ========== [ 1 ] CVE-2011-10007 https://nvd.nist.gov/vuln/detail/CVE-2011-10007 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202506-10 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may filea bug at https://bugs.gentoo.org. License ======= Copyright 2025 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5 . A command injection flaw in File-Search-Pattern poses threats to Fedora users. Update to the newest release to reduce vulnerabilities.. File-Find-Rule,Shell Injection,Gentoo Advisory,Update Instructions. . LinuxSecurity.com Team

Calendar%202 Jun 12, 2025 Gentoo
217

Oracle Linux 7 ELSA-2025-2130 Important: emacs Shell Injection Fix

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-2130 http://linux.oracle.com/errata/ELSA-2025-2130.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: emacs-24.3-23.0.1.el7_9.1.x86_64.rpm emacs-common-24.3-23.0.1.el7_9.1.x86_64.rpm emacs-el-24.3-23.0.1.el7_9.1.noarch.rpm emacs-filesystem-24.3-23.0.1.el7_9.1.noarch.rpm emacs-nox-24.3-23.0.1.el7_9.1.x86_64.rpm emacs-terminal-24.3-23.0.1.el7_9.1.noarch.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates//emacs-24.3-23.0.1.el7_9.1.src.rpm Related CVEs: CVE-2025-1244 Description of changes: [1:24.3-23.0.1.1] - Fix CVE-2025-1244 man.el shell injection vulnerability [Orabug: 37658579] _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Crucial Oracle Linux 7 guidance for emacs tackling shell manipulation vulnerabilities with vital patches released.. Oracle Linux Updates, Emacs Security Patches, Shell Injection Fixes. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Apr 01, 2025 Important Oracle
217

Oracle Linux 8 ELSA-2025-1917 critical: emacs shell injection patch

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-1917 http://linux.oracle.com/errata/ELSA-2025-1917.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: emacs-26.1-13.el8_10.x86_64.rpm emacs-common-26.1-13.el8_10.x86_64.rpm emacs-filesystem-26.1-13.el8_10.noarch.rpm emacs-lucid-26.1-13.el8_10.x86_64.rpm emacs-nox-26.1-13.el8_10.x86_64.rpm emacs-terminal-26.1-13.el8_10.noarch.rpm aarch64: emacs-26.1-13.el8_10.aarch64.rpm emacs-common-26.1-13.el8_10.aarch64.rpm emacs-filesystem-26.1-13.el8_10.noarch.rpm emacs-lucid-26.1-13.el8_10.aarch64.rpm emacs-nox-26.1-13.el8_10.aarch64.rpm emacs-terminal-26.1-13.el8_10.noarch.rpm SRPMS: https://oss.oracle.com:443/ol8/SRPMS-updates//emacs-26.1-13.el8_10.src.rpm Related CVEs: CVE-2025-1244 Description of changes: [1:26.1-13] - Fix man.el shell injection vulnerability (RHEL-79016) _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . The Oracle Linux Security Advisory ELSA-2025-1917 presents critical patches for emacs, effectively mitigating a vulnerability related to shell injection. Discover additional details!. Oracle Linux, emacs updates, shell vulnerability, Linux advisory, security fixes. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Mar 03, 2025 Critical Oracle
217

Oracle Linux 9 ELSA-2025-1915 critical: emacs shell injection

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-1915 http://linux.oracle.com/errata/ELSA-2025-1915.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: emacs-27.2-11.el9_5.1.x86_64.rpm emacs-common-27.2-11.el9_5.1.x86_64.rpm emacs-filesystem-27.2-11.el9_5.1.noarch.rpm emacs-lucid-27.2-11.el9_5.1.x86_64.rpm emacs-nox-27.2-11.el9_5.1.x86_64.rpm aarch64: emacs-27.2-11.el9_5.1.aarch64.rpm emacs-common-27.2-11.el9_5.1.aarch64.rpm emacs-filesystem-27.2-11.el9_5.1.noarch.rpm emacs-lucid-27.2-11.el9_5.1.aarch64.rpm emacs-nox-27.2-11.el9_5.1.aarch64.rpm SRPMS: https://oss.oracle.com:443/ol9/SRPMS-updates//emacs-27.2-11.el9_5.1.src.rpm Related CVEs: CVE-2025-1244 Description of changes: [1:27.2-11.1] - Eliminate use of obsolete patch syntax (RHEL-80443) [1:27.2-11] - Fix man.el shell injection vulnerability (RHEL-79025) _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux has released important patches for a critical emacs shell injection flaw in ELSA-2025-1915 notice. Ensure your systems are fortified with these updates.. Oracle Linux, emacs updates, security advisory, shell injection, security fixes. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Mar 03, 2025 Critical Oracle
99

Slackware 15.0: 2025-057-01 critical: emacs shell injection threat

New emacs packages are available for Slackware 15.0 and -current to fix security issues. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] emacs (SSA:2025-057-01) New emacs packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/emacs-30.1-i586-1_slack15.0.txz: Upgraded. This update fixes two security issues: Fix shell injection vulnerability in man.el (CVE-2025-1244). New user option 'trusted-content' to allow potentially dangerous features. This option lists those files and directories whose content Emacs should consider as sufficiently trusted to run any part of the code contained therein even without any explicit user request. For example, Flymake's backend for Emacs Lisp consults this option and disables itself with an "untrusted content" warning if the file is not listed. Emacs Lisp authors should note that a major or minor mode must never set this option to the ':all' value. This option is used to fix CVE-2024-53920. Thanks to pbslxw for the heads-up. For more information, see: https://www.cve.org/CVERecord?id=CVE-2025-1244 https://www.cve.org/CVERecord?id=CVE-2024-53920 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/emacs-30.1-i586-1_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/emacs-30.1-x86_64-1_slack15.0.txz Updated package for Slackware-current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/e/emacs-30.1-i686-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/e/emacs-30.1-x86_64-1.txz MD5 signatures: +-------------+ Slackware 15.0 package: 7f9a4dee990732eaf086f6d90906a05a emacs-30.1-i586-1_slack15.0.txz Slackware x86_64 15.0 package: 68c8414823407b3eb297ef3434e04674 emacs-30.1-x86_64-1_slack15.0.txz Slackware -current package: 30407fb50cf96c95b660e4aafcbbc909 e/emacs-30.1-i686-1.txz Slackware x86_64 -current package: 293c63e33dbaaf457c83545012a91ccb e/emacs-30.1-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg emacs-30.1-i586-1_slack15.0.txz +-----+ . Recent updates to emacs packages for Slackware address major security vulnerabilities, significantly bolstering the safety and stability of the system.. Emacs Shell Injection, Slackware Security Update, Trusted Content, Security Patch. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Feb 26, 2025 Critical Slackware
100

SUSE: 2025:0589-1 Critical: emacs shell command injection

* bsc#1237091 Cross-References: * CVE-2025-1244 . # Security update for emacs Announcement ID: SUSE-SU-2025:0589-1 Release Date: 2025-02-19T10:31:31Z Rating: important References: * bsc#1237091 Cross-References: * CVE-2025-1244 CVSS scores: * CVE-2025-1244 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-1244 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-1244 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for emacs fixes the following issues: * CVE-2025-1244: improper handling of custom "man" URI schemes allow for shell command injections. (bsc#1237091) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-589=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-589=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-589=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-589=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * etags-debuginfo-25.3-150000.3.25.3 * emacs-debugsource-25.3-150000.3.25.3 * emacs-x11-debuginfo-25.3-150000.3.25.3 *emacs-nox-debuginfo-25.3-150000.3.25.3 * emacs-nox-25.3-150000.3.25.3 * emacs-25.3-150000.3.25.3 * etags-25.3-150000.3.25.3 * emacs-debuginfo-25.3-150000.3.25.3 * emacs-x11-25.3-150000.3.25.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * emacs-info-25.3-150000.3.25.3 * emacs-el-25.3-150000.3.25.3 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * etags-debuginfo-25.3-150000.3.25.3 * emacs-debugsource-25.3-150000.3.25.3 * emacs-x11-debuginfo-25.3-150000.3.25.3 * emacs-nox-debuginfo-25.3-150000.3.25.3 * emacs-nox-25.3-150000.3.25.3 * emacs-25.3-150000.3.25.3 * etags-25.3-150000.3.25.3 * emacs-debuginfo-25.3-150000.3.25.3 * emacs-x11-25.3-150000.3.25.3 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * emacs-info-25.3-150000.3.25.3 * emacs-el-25.3-150000.3.25.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * etags-debuginfo-25.3-150000.3.25.3 * emacs-debugsource-25.3-150000.3.25.3 * emacs-x11-debuginfo-25.3-150000.3.25.3 * emacs-nox-debuginfo-25.3-150000.3.25.3 * emacs-nox-25.3-150000.3.25.3 * emacs-25.3-150000.3.25.3 * etags-25.3-150000.3.25.3 * emacs-debuginfo-25.3-150000.3.25.3 * emacs-x11-25.3-150000.3.25.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * emacs-info-25.3-150000.3.25.3 * emacs-el-25.3-150000.3.25.3 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * etags-debuginfo-25.3-150000.3.25.3 * emacs-debugsource-25.3-150000.3.25.3 * emacs-x11-debuginfo-25.3-150000.3.25.3 * emacs-nox-debuginfo-25.3-150000.3.25.3 * emacs-nox-25.3-150000.3.25.3 * emacs-25.3-150000.3.25.3 * etags-25.3-150000.3.25.3 * emacs-debuginfo-25.3-150000.3.25.3 * emacs-x11-25.3-150000.3.25.3 * SUSE Enterprise Storage 7.1 (noarch) * emacs-info-25.3-150000.3.25.3 * emacs-el-25.3-150000.3.25.3 ## References: *https://www.suse.com/security/cve/CVE-2025-1244.html * https://bugzilla.suse.com/show_bug.cgi?id=1237091 . Crucial patch released addressing vulnerabilities related to shell command injections in Emacs. Recommended installation through SUSE's standard procedures.. Emacs Security, SUSE Updates, Shell Injection Fix, Software Patches. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Feb 19, 2025 Important SuSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200