
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Debian 3.1 DSA 849-1 Critical: Shorewall Firewall Bypass Issue

Updated package.

--------------------------------------------------------------------------
Debian Security Advisory DSA 849-1
http://www.debian.org/security/
Martin Schulze
October 8th, 2005
http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package        : shorewall
Vulnerability  : programming error
Problem type   : remote
Debian-specific: no
CVE ID         : CAN-2005-2317
Debian Bug     : 318946

"Supernaut" noticed that shorewall, the Shoreline Firewall, could generate an iptables configuration which is significantly more permissive than the rule set given in the shorewall configuration, if MAC verification is used in a non-default manner.

When MACLIST_DISPOSITION is set to ACCEPT in the shorewall.conf file, all packets from hosts which fail the MAC verification pass through the firewall, without further checks. When MACLIST_TTL is set to a non-zero value, packets from hosts which pass the MAC verification pass through the firewall, again without further checks.

The old stable distribution (woody) is not affected by this problem.

For the stable distribution (sarge) this problem has been fixed in version 2.2.3-2.

For the unstable distribution (sid) this problem has been fixed in version 2.4.1-2.

We recommend that you upgrade your shorewall package.

Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge
--------------------------------

Source archives:

  Size/MD5 checksum: 656 a280401e705da1a93b31e2b0d6abafb9
  Size/MD5 checksum: 34181 e6d35af167daece754b263fb77285960
  Size/MD5 checksum: 126841 df114b25a419d77915598de5844b423e

Architecture independent components:

  Size/MD5 checksum: 151538 556f925a3f6393e1b7376686c1796d89

These files will probably be moved into the stable distribution on its next update.

--------------------------------------------------------------------------
For apt-get: deb https://www.debian.org/security/ stable/updates main
For dpkg-ftp: dists/stable/updates/main

The latest Debian security advisory DSA 850-1 highlights urgent patches for the openvpn service, rectifying vulnerabilities that could compromise user data.

Shorewall Security Fix, Debian Firewall Update, Remote Access Risk.

Severity: Critical. LinuxSecurity.com Team

Oct 08, 2005 | Critical | Debian

Gentoo: GLSA-200507-20 Moderate: Shorewall Security Policy Bypass

The "unaffected" version was incorrectly set to 2.4.1 in the initial advisory, the correct "unaffected" version is 2.4.2. The corrected sections appear below.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory [ERRATA UPDATE] GLSA 200507-20:02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Low
Title: Shorewall: Security policy bypass
Date: July 22, 2005
Updated: September 14, 2005
Bugs: #99398
ID: 200507-20:02

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Errata
=====

The "unaffected" version was incorrectly set to 2.4.1 in the initial advisory, the correct "unaffected" version is 2.4.2. The corrected sections appear below.

Synopsis
=======

A vulnerability in Shorewall allows clients authenticated by MAC address filtering to bypass all other security rules.

Background
=========

Shorewall is a high level tool for configuring Netfilter, the firewall facility included in the Linux Kernel.

Affected packages
================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-firewall/shorewall = 2.4.2

Description
==========

Shorewall fails to enforce security policies if configured with "MACLIST_DISPOSITION" set to "ACCEPT" or "MACLIST_TTL" set to a value greater or equal to 0.

Impact
=====

A client authenticated by MAC address filtering could bypass all security policies, possibly allowing him to gain access to restricted services. The default installation has MACLIST_DISPOSITION=REJECT and MACLIST_TTL=(blank) (equivalent to 0). This can be checked by looking at the settings in /etc/shorewall/shorewall.conf

Workaround
=========

Set "MACLIST_TTL" to "0" and "MACLIST_DISPOSITION" to "REJECT" in the Shorewall configuration file (usually /etc/shorewall/shorewall.conf).

Resolution
=========

All Shorewall users should upgrade to the latest available version:

# emerge --sync
# emerge --ask --oneshot --verbose net-firewall/shorewall

References
=========

[ 1 ] CAN-2005-2317 https://www.cve.org/CVERecord?id=CAN-2005-2317
[ 2 ] Shorewall Announcement https://shorewall.org/News.htm

Availability
===========

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/200507-20

Concerns?
========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns may be filed as a bug at https://bugs.gentoo.org/.

License
======

Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.0/

Gentoo has released a security advisory addressing a Shorewall vulnerability; be sure to apply the correct configuration to mitigate potential bypass risks. Maintain your security!

Shorewall Security, Gentoo Advisory, Policy Bypass, Security Patch.

Severity: Low. LinuxSecurity.com Team

Sep 19, 2005 | Low | Gentoo

Gentoo: GLSA-200407-08 Normal: OpenSSH Key Disclosure Vulnerability

Shorewall contains a bug in the code handling the creation of temporary files and directories. This can allow a non-root user to overwrite arbitrary system files.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200407-07
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Shorewall : Insecure temp file handling
Date: July 08, 2004
Bugs: #55675
ID: 200407-07

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======

Shorewall contains a bug in the code handling the creation of temporary files and directories. This can allow a non-root user to overwrite arbitrary system files.

Background
=========

Shorewall is a high level tool for configuring Netfilter, the firewall facility included in the Linux Kernel.

Affected packages
================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-firewall/shorewall = 1.4.10f

Description
==========

Shorewall uses temporary files and directories in an insecure manner. A local user could create symbolic links at specific locations, eventually overwriting other files on the filesystem with the rights of the shorewall process.

Impact
=====

An attacker could exploit this vulnerability to overwrite arbitrary system files with root privileges, resulting in Denial of Service or further exploitation.

Workaround
=========

There is no known workaround at this time. All users should upgrade to the latest available version of Shorewall.

Resolution
=========

All users should upgrade to the latest available version of Shorewall, as follows:

# emerge sync
# emerge -pv ">=net-firewall/shorewall-1.4.10f"
# emerge ">=net-firewall/shorewall-1.4.10f"

References
=========

[ 1 ] Shorewall Announcement

Availability
===========

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/200407-07

Concerns?
========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns may be filed as a bug at https://bugs.gentoo.org/.

License
======

Copyright 2004 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/1.0/

System Alert: Vulnerability in temporary file management allows unauthorized file replacement. Please update to the most recent version for enhanced protection.

Gentoo Linux Security, Shorewall Update, Temp File Handling, Security Advisory.

LinuxSecurity.com Team

Jul 08, 2004 | Gentoo