Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 23 articles for you...
100
security advisorycriticalSuSESUSE Python-Authlib Critical Issues Fix Advisory 2026-0975-1
An update that solves three vulnerabilities can now be installed.. # Security update for python-Authlib Announcement ID: SUSE-SU-2026:0975-1 Release Date: 2026-03-23T16:34:44Z Rating: critical References: * bsc#1259736 * bsc#1259737 * bsc#1259738 Cross-References: * CVE-2026-27962 * CVE-2026-28490 * CVE-2026-28498 CVSS scores: * CVE-2026-27962 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-27962 ( SUSE ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-27962 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-28490 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-28490 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2026-28490 ( NVD ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-28490 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N * CVE-2026-28498 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-28498 ( SUSE ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-28498 ( NVD ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2026-28498 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: * openSUSE Leap 15.6 * Python 3 Module 15-SP7 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server 15 SP6 LTSS * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves three vulnerabilities can now be installed. ## Description: This update for python-Authlibfixes the following issues: * CVE-2026-27962: JWS `deserialize_compact()` allows for signature bypass by accepting user-controlled embedded JWK as verification key (bsc#1259738). * CVE-2026-28490: cryptographic padding oracle in JWE RSA1_5 key management algorithm (bsc#1259736). * CVE-2026-28498: fail-open in behavior OIDC hash validation allows for bypass mandatory integrity protections (bsc#1259737). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-975=1 openSUSE-SLE-15.6-2026-975=1 * Python 3 Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-975=1 * SUSE Linux Enterprise Server 15 SP6 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-975=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-975=1 ## Package List: * openSUSE Leap 15.6 (noarch) * python311-Authlib-1.3.1-150600.3.17.1 * Python 3 Module 15-SP7 (noarch) * python311-Authlib-1.3.1-150600.3.17.1 * SUSE Linux Enterprise Server 15 SP6 LTSS (noarch) * python311-Authlib-1.3.1-150600.3.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch) * python311-Authlib-1.3.1-150600.3.17.1 ## References: * https://www.suse.com/security/cve/CVE-2026-27962.html * https://www.suse.com/security/cve/CVE-2026-28490.html * https://www.suse.com/security/cve/CVE-2026-28498.html * https://bugzilla.suse.com/show_bug.cgi?id=1259736 * https://bugzilla.suse.com/show_bug.cgi?id=1259737 * https://bugzilla.suse.com/show_bug.cgi?id=1259738 . Critical security update for python-Authlib resolves multiple risks. Install SUSE patch to safeguard your systems effectively.. python Authlib security update critical patch SUSE vulnerabilities. . Severity: Critical.LinuxSecurity.com Team
Mar 24, 2026
•Critical
SuSE
197
security advisorybuffer overflowdebianDebian LTS: DLA-4103-1: suricata Security Advisory Updates
Several issues have been found in suricata, the next Generation Intrusion Detection and Prevention Tool. They are related to bypass of HTTP-based signature, mishandling of multiple fragmented packets, logic errors, . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4103-1
Mar 31, 2025
•Important
Debian LTS
217
security advisorysecurity fixcritical updateOracle Linux 8 ELSA-2023-7265 Critical: Open-VM-Tools Security Update
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2023-7265 https://linux.oracle.com/errata/ELSA-2023-7265.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: open-vm-tools-12.2.5-3.0.1.el8_9.1.x86_64.rpm open-vm-tools-desktop-12.2.5-3.0.1.el8_9.1.x86_64.rpm open-vm-tools-salt-minion-12.2.5-3.0.1.el8_9.1.x86_64.rpm open-vm-tools-sdmp-12.2.5-3.0.1.el8_9.1.x86_64.rpm SRPMS: https://oss.oracle.com:443/ol8/SRPMS-updates//open-vm-tools-12.2.5-3.0.1.el8_9.1.src.rpm Related CVEs: CVE-2023-34058 CVE-2023-34059 Description of changes: [12.2.5-3.0.1.1] - Fix CVE-2023-34058 open-vm-tools: SAML token signature bypass - Fix CVE-2023-34059 open-vm-tools: file descriptor hijack vulnerability in the vmware-user-suid-wrapper [12.2.5-3.0.1] - Fix spaces in vmware udev rule for scsi devices [Orabug: 24461968] - Fix vmware udev rule in 99-vmware-scsi-timeout.rules file. [Orabug: 22815019] - Increase timeout for scsi devices on VMWare guests by adding a udev rule. [Orabug: 21819156] _______________________________________________ El-errata mailing list
Nov 23, 2023
•Critical
Oracle
100
security advisoryprivilege escalationimportantSUSE 15 SP2: 2023:4229-1 Important: Signature Bypass, Escalation
* bsc#1216432 * bsc#1216433 Cross-References: * CVE-2023-34058 . # Security update for open-vm-tools Announcement ID: SUSE-SU-2023:4229-1 Rating: important References: * bsc#1216432 * bsc#1216433 Cross-References: * CVE-2023-34058 * CVE-2023-34059 CVSS scores: * CVE-2023-34058 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-34058 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-34059 ( NVD ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves two vulnerabilities can now be installed. ## Description: This update for open-vm-tools fixes the following issues: * CVE-2023-34058: Fixed a SAML token signature bypass issue (bsc#1216432). * CVE-2023-34059: Fixed a privilege escalation issue through vmware-user-suid- wrapper (bsc#1216433). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-4229=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-4229=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-4229=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * open-vm-tools-desktop-11.3.5-150200.5.16.19.1 * libvmtools0-11.3.5-150200.5.16.19.1 * open-vm-tools-11.3.5-150200.5.16.19.1 *open-vm-tools-sdmp-debuginfo-11.3.5-150200.5.16.19.1 * open-vm-tools-sdmp-11.3.5-150200.5.16.19.1 * open-vm-tools-desktop-debuginfo-11.3.5-150200.5.16.19.1 * libvmtools0-debuginfo-11.3.5-150200.5.16.19.1 * open-vm-tools-debugsource-11.3.5-150200.5.16.19.1 * open-vm-tools-debuginfo-11.3.5-150200.5.16.19.1 * libvmtools-devel-11.3.5-150200.5.16.19.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * open-vm-tools-desktop-11.3.5-150200.5.16.19.1 * libvmtools0-11.3.5-150200.5.16.19.1 * open-vm-tools-11.3.5-150200.5.16.19.1 * open-vm-tools-sdmp-debuginfo-11.3.5-150200.5.16.19.1 * open-vm-tools-sdmp-11.3.5-150200.5.16.19.1 * open-vm-tools-desktop-debuginfo-11.3.5-150200.5.16.19.1 * libvmtools0-debuginfo-11.3.5-150200.5.16.19.1 * open-vm-tools-debugsource-11.3.5-150200.5.16.19.1 * open-vm-tools-debuginfo-11.3.5-150200.5.16.19.1 * libvmtools-devel-11.3.5-150200.5.16.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * open-vm-tools-desktop-11.3.5-150200.5.16.19.1 * libvmtools0-11.3.5-150200.5.16.19.1 * open-vm-tools-11.3.5-150200.5.16.19.1 * open-vm-tools-sdmp-debuginfo-11.3.5-150200.5.16.19.1 * open-vm-tools-sdmp-11.3.5-150200.5.16.19.1 * open-vm-tools-desktop-debuginfo-11.3.5-150200.5.16.19.1 * libvmtools0-debuginfo-11.3.5-150200.5.16.19.1 * open-vm-tools-debugsource-11.3.5-150200.5.16.19.1 * open-vm-tools-debuginfo-11.3.5-150200.5.16.19.1 * libvmtools-devel-11.3.5-150200.5.16.19.1 ## References: * https://www.suse.com/security/cve/CVE-2023-34058.html * https://www.suse.com/security/cve/CVE-2023-34059.html * https://bugzilla.suse.com/show_bug.cgi?id=1216432 * https://bugzilla.suse.com/show_bug.cgi?id=1216433 . This urgent bulletin covers key vulnerabilities related to authorization gaps and privilege escalation in open-vm-tools for SUSE systems.. SUSE Security Update, Open-VM-Tools, Privilege Escalation. . Severity: Important. LinuxSecurity.com Team
Oct 27, 2023
•Important
SuSE
98
security advisorysecurity updateRed HatRed Hat: RHSA-2023:5210-01 Important: Open-VM-Tools Signature Bypass
An update for open-vm-tools is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: open-vm-tools security update Advisory ID: RHSA-2023:5210-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:5210 Issue date: 2023-09-19 CVE Names: CVE-2023-20900 ===================================================================== 1. Summary: An update for open-vm-tools is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream AUS (v. 8.2) - x86_64 Red Hat Enterprise Linux AppStream E4S (v. 8.2) - x86_64 Red Hat Enterprise Linux AppStream TUS (v. 8.2) - x86_64 3. Description: The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization components that enhance performance and user experience of virtual machines. Security Fix(es): * open-vm-tools: SAML token signature bypass (CVE-2023-20900) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, whichincludes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2236542 - CVE-2023-20900 open-vm-tools: SAML token signature bypass 6. Package List: Red Hat Enterprise Linux AppStream AUS (v. 8.2): Source: open-vm-tools-11.0.0-4.el8_2.3.src.rpm x86_64: open-vm-tools-11.0.0-4.el8_2.3.x86_64.rpm open-vm-tools-debuginfo-11.0.0-4.el8_2.3.x86_64.rpm open-vm-tools-debugsource-11.0.0-4.el8_2.3.x86_64.rpm open-vm-tools-desktop-11.0.0-4.el8_2.3.x86_64.rpm open-vm-tools-desktop-debuginfo-11.0.0-4.el8_2.3.x86_64.rpm open-vm-tools-test-debuginfo-11.0.0-4.el8_2.3.x86_64.rpm Red Hat Enterprise Linux AppStream E4S (v. 8.2): Source: open-vm-tools-11.0.0-4.el8_2.3.src.rpm x86_64: open-vm-tools-11.0.0-4.el8_2.3.x86_64.rpm open-vm-tools-debuginfo-11.0.0-4.el8_2.3.x86_64.rpm open-vm-tools-debugsource-11.0.0-4.el8_2.3.x86_64.rpm open-vm-tools-desktop-11.0.0-4.el8_2.3.x86_64.rpm open-vm-tools-desktop-debuginfo-11.0.0-4.el8_2.3.x86_64.rpm open-vm-tools-test-debuginfo-11.0.0-4.el8_2.3.x86_64.rpm Red Hat Enterprise Linux AppStream TUS (v. 8.2): Source: open-vm-tools-11.0.0-4.el8_2.3.src.rpm x86_64: open-vm-tools-11.0.0-4.el8_2.3.x86_64.rpm open-vm-tools-debuginfo-11.0.0-4.el8_2.3.x86_64.rpm open-vm-tools-debugsource-11.0.0-4.el8_2.3.x86_64.rpm open-vm-tools-desktop-11.0.0-4.el8_2.3.x86_64.rpm open-vm-tools-desktop-debuginfo-11.0.0-4.el8_2.3.x86_64.rpm open-vm-tools-test-debuginfo-11.0.0-4.el8_2.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2023-20900 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIcBAEBCAAGBQJlCWlxAAoJENzjgjWX9erEUeEP/0ogP5tqKbG358kJQ4nROrTN pZgVscxKCKCUp5LNZ02tWsJkimmU+HjQdnAVqLhlfj+blZFq+bGhIRTXFW+buD3W 0hSH/ONh+wecxQa3bx9itUD7osrKneitr5OSrbJyxAQKyWwZFzvmfeUDL/sJ4S50 ckn+847Yr8Inezsm/HymbVHuOMaK6sV0kwnKt/wy4BYLwr5xWrVewzH9EfLi9Nkn oyLk74UOzYoBOn6AsVbxrDmaYY3UfjainZ1cYyv/UkzNHbdAFUnMQ4MdfLWD4rdK r8Iq/2uyK6a7Z3iyOx9KS9ODI1j0shV2d50rkNl0dJnaXLfuKNm9Q5Wd54p6XnXU 2YBEVgS00yIgwdkZtN3zbjPSt+5iwGVUJ1kkydlHYKwwXy4jPqCVbW5mrmhsANa9 0+M8XPeq2siP2apC6HAVVhXs1/pCpe4N8/5bZ3IaI3hJzXMnn17IpqSSR76zJhyi amgfIzWADA4m9q5qGq6vdox5stQRsLOJ8aXQ1liHd3L8Kz++KIzzJDQmlE/vV/6b 4WMw38i3FsQ9TVFNTzM+QfMJleqxGS4OsFJ5FpfBdNYhSZXO9S8X1pYvkfqFr4bL zwrHZHFyMmLhZXNTQigQnJxeDsQQO8RC/0VnJcNOIK6y3R1neKQJJr6rwILnO9p2 dlD/FueDvEMPXD3be/hP =06IY -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Sep 19, 2023
•Important
Red Hat
172
security advisorymoderateubuntuUbuntu 22.04 LTS USN-6239-1 Moderate: ECDSA Signature Bypass
ECDSA Util could be made to accept forged signatures.. =========================================================================Ubuntu Security Notice USN-6239-1 July 20, 2023 ecdsautils vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS (Available with Ubuntu Pro) - Ubuntu 16.04 LTS (Available with Ubuntu Pro) Summary: ECDSA Util could be made to accept forged signatures. Software Description: - ecdsautils: ECDSA elliptic curve cryptography command line tools Details: It was discovered that ECDSA Util did not properly verify certain signature values. An attacker could possibly use this issue to bypass signature verification. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS: ecdsautils 0.3.2+git20151018-2+deb10u1build0.22.04.1 Ubuntu 20.04 LTS: ecdsautils 0.3.2+git20151018-2+deb10u1build0.20.04.1 Ubuntu 18.04 LTS (Available with Ubuntu Pro): ecdsautils 0.3.2+git20151018-2ubuntu0.18.04.1~esm1 Ubuntu 16.04 LTS (Available with Ubuntu Pro): ecdsautils 0.3.2+git20151018-2ubuntu0.16.04.1~esm1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6239-1 CVE-2022-24884 Package Information: https://launchpad.net/ubuntu/+source/ecdsautils/0.3.2+git20151018-2+deb10u1build0.22.04.1 https://launchpad.net/ubuntu/+source/ecdsautils/0.3.2+git20151018-2+deb10u1build0.20.04.1 . Signature problems in ECDSA on several Ubuntu LTS editions could let attackers create fake signatures. Immediate system updates are recommended to ensure safety.. ECDSA Security, Signature Bypass, Ubuntu Updates. . Severity: Important. LinuxSecurity.com Team
Jul 20, 2023
•Important
Ubuntu
172
security advisoryremote attackperlUbuntu 22.10: USN-5689-2 Moderate: Perl Signature Bypass
Perl could be made to by pass signature verification.. =========================================================================Ubuntu Security Notice USN-5689-2 November 28, 2022 perl vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.10 Summary: Perl could be made to by pass signature verification. Software Description: - perl: Practical Extraction and Report Language Details: USN-5689-1 fixed a vulnerability in Perl. This update provides the corresponding update for Ubuntu 22.10. Original advisory details: It was discovered that Perl incorrectly handled certain signature verification. An remote attacker could possibly use this issue to bypass signature verification. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.10: perl 5.34.0-5ubuntu1.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5689-2 https://ubuntu.com/security/notices/USN-5689-1 CVE-2020-16156 Package Information: https://launchpad.net/ubuntu/+source/perl/5.34.0-5ubuntu1.1 . Ubuntu Security Advisory USN-5689-2 tackles a Perl vulnerability within Ubuntu 22.10. Ensure you upgrade promptly to maintain security.. Perl Security, Ubuntu Update, Signature Bypass, Remote Attacks, Security Advisory. . Severity: Important. LinuxSecurity.com Team
Nov 28, 2022
•Important
Ubuntu
172
security advisoryremote exploitcriticalUbuntu 22.04 LTS: USN-5689-1 Critical: Perl Signature Bypass Exploit
Perl could be made to by pass signature verification.. =========================================================================Ubuntu Security Notice USN-5689-1 October 19, 2022 perl vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 ESM - Ubuntu 14.04 ESM Summary: Perl could be made to by pass signature verification. Software Description: - perl: Practical Extraction and Report Language Details: It was discovered that Perl incorrectly handled certain signature verification. An remote attacker could possibly use this issue to bypass signature verification. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS: perl 5.34.0-3ubuntu1.1 Ubuntu 20.04 LTS: perl 5.30.0-9ubuntu0.3 Ubuntu 18.04 LTS: perl 5.26.1-6ubuntu0.6 Ubuntu 16.04 ESM: perl 5.22.1-9ubuntu0.9+esm1 Ubuntu 14.04 ESM: perl 5.18.2-2ubuntu1.7+esm4 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5689-1 CVE-2020-16156 Package Information: https://launchpad.net/ubuntu/+source/perl/5.34.0-3ubuntu1.1 https://launchpad.net/ubuntu/+source/perl/5.30.0-9ubuntu0.3 . Investigate the significant vulnerability impacting various releases of Ubuntu, stemming from the Oversight in Perl's signature verification process.. Perl Vulnerability, Signature Bypass, Remote Exploit. . Severity: Critical. LinuxSecurity.com Team
Oct 19, 2022
•Critical
Ubuntu
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!