Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Security Notice 2026-2328-1 Significant Updates on Four Xen Risks

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

openSUSE 2026-2328-1 Xen Important Buffer Overflow Patch

Calendar White Jun 10, 2026
Important
Opensuse Large Esm H900
openSUSE

openSUSE Leap 15.6 Important Xen Denial of Service Fix SUSE-SU-2026-2329-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H800
SuSE

openSUSE Important xen Patch for Multiple Threats SUSE-2026-2329-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

SUSE MariaDB Critical Security Fix 12 Vulnerabilities 2026-2330-1

Calendar White Jun 10, 2026
Critical
Ubuntu Large Esm H900
Ubuntu

Ubuntu 22.04 LTS Exim4 Moderate Regression CVE-2023-42117

Calendar White Jun 10, 2026
Important
Suse Large Esm H800
SuSE

SUSE StrongSwan Important Double-Free CVE-2026-47895 Advisory 2026-2312-1

Calendar White Jun 10, 2026
Important
Suse Large Esm H900
SuSE

SUSE vim Important Command Injection Buffer Overflow Update 2026-2313-1

Calendar White Jun 10, 2026
Important
Opensuse Large Esm H900
openSUSE

openSUSE libsoup Critical HTTP Vulnerabilities Addressed in 2026-2314-1

Calendar White Jun 10, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":552,"type":"x","order":1,"pct":78.63,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.27,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.84,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.25,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoracode execution

Fedora 22: Security Advisory for perl-Module-Signature Critical Issues

This update addresses various security issues in perl-Module-Signature as described below. The default behavior is also changed so as to ignore any MANIFEST.SKIP files unless a "skip" parameter is specified. An updated version of perl-Test-Signature that accounts for the changed default behaviour is included in this update. Security issues: * Module::Signature before version 0.75 could be tricked [More...]. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-5904 2015-04-09 15:31:07 -------------------------------------------------------------------------------- Name : perl-Module-Signature Product : Fedora 22 Version : 0.78 Release : 1.fc22 URL : https://metacpan.org/dist/Module-Signature Summary : CPAN signature management utilities and modules Description : This package contains a command line tool and module for checking and creating SIGNATURE files for Perl CPAN distributions. -------------------------------------------------------------------------------- Update Information: This update addresses various security issues in perl-Module-Signature as described below. The default behavior is also changed so as to ignore any MANIFEST.SKIP files unless a "skip" parameter is specified. An updated version of perl-Test-Signature that accounts for the changed default behaviour is included in this update. Security issues: * Module::Signature before version 0.75 could be tricked into interpreting the unsigned portion of a SIGNATURE file as the signed portion due to faulty parsing of the PGP signature boundaries. * When verifying the contents of a CPAN module, Module::Signature before version 0.75 ignored some files in the extracted tarball that were not listed in the signature file. This included some files in the t/ directory that would execute automatically during "make test". * Module::Signature before version 0.75 used two argument open() calls to read the files when generating checksums fromthe signed manifest. This allowed embedding arbitrary shell commands into the SIGNATURE file that would execute during the signature verification process. * Module::Signature before version 0.75 has been loading several modules at runtime inside the extracted module directory. Modules like Text::Diff are not guaranteed to be available on all platforms and could be added to a malicious module so that they would load from the '.' path in @INC. -------------------------------------------------------------------------------- References: [ 1 ] Bug #1209911 - perl-Module-Signature: unsigned files interpreted as signed in some circumstances https://bugzilla.redhat.com/show_bug.cgi?id=1209911 [ 2 ] Bug #1209915 - perl-Module-Signature: arbitrary code execution during test phase https://bugzilla.redhat.com/show_bug.cgi?id=1209915 [ 3 ] Bug #1209917 - perl-Module-Signature: arbitrary code execution when verifying module signatures https://bugzilla.redhat.com/show_bug.cgi?id=1209917 [ 4 ] Bug #1209918 - perl-Module-Signature: arbitrary modules loading in some circumstances https://bugzilla.redhat.com/show_bug.cgi?id=1209918 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update perl-Module-Signature' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . A security patch for perl-Module-Signature in Fedora 22 mitigates several severe vulnerabilities, including potential code execution threats.. perl ModuleSignature, Fedora Security Update, Command Execution Issue. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Apr 21, 2015 Critical Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorycriticalFedora

Fedora 20: 2015-5840 Critical: perl-Module-Signature Security Fix

This update addresses various security issues in perl-Module-Signature as described below. The default behavior is also changed so as to ignore any MANIFEST.SKIP files unless a "skip" parameter is specified. An updated version of perl-Test-Signature that accounts for the changed default behavior is included in this update. Security issues: * Module::Signature before version 0.75 could be tricked [More...]. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-5840 2015-04-09 04:58:27 -------------------------------------------------------------------------------- Name : perl-Module-Signature Product : Fedora 20 Version : 0.78 Release : 1.fc20 URL : https://metacpan.org/dist/Module-Signature Summary : CPAN signature management utilities and modules Description : This package contains a command line tool and module for checking and creating SIGNATURE files for Perl CPAN distributions. -------------------------------------------------------------------------------- Update Information: This update addresses various security issues in perl-Module-Signature as described below. The default behavior is also changed so as to ignore any MANIFEST.SKIP files unless a "skip" parameter is specified. An updated version of perl-Test-Signature that accounts for the changed default behavior is included in this update. Security issues: * Module::Signature before version 0.75 could be tricked into interpreting the unsigned portion of a SIGNATURE file as the signed portion due to faulty parsing of the PGP signature boundaries. * When verifying the contents of a CPAN module, Module::Signature before version 0.75 ignored some files in the extracted tarball that were not listed in the signature file. This included some files in the t/ directory that would execute automatically during "make test". * Module::Signature before version 0.75 used two argument open() calls to read the files when generating checksums from thesigned manifest. This allowed embedding arbitrary shell commands into the SIGNATURE file that would execute during the signature verification process. * Module::Signature before version 0.75 has been loading several modules at runtime inside the extracted module directory. Modules like Text::Diff are not guaranteed to be available on all platforms and could be added to a malicious module so that they would load from the '.' path in @INC. -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 9 2015 Paul Howarth - 0.78-1 - Update to 0.78 - Fix verify() use from cpanm and CPAN.pm * Wed Apr 8 2015 Paul Howarth - 0.77-1 - Update to 0.77 - Include the latest public keys of PAUSE, ANDK and AUDREYT - Clarify scripts/cpansign copyright to CC0 (#965126, CPAN RT#85466) * Wed Apr 8 2015 Paul Howarth - 0.76-1 - Update to 0.76 - Fix signature tests by defaulting to verify(skip=> 1) when $ENV{TEST_SIGNATURE} is true * Tue Apr 7 2015 Paul Howarth - 0.75-1 - Update to 0.75 - Fix GPG signature parsing logic - MANIFEST.SKIP is no longer consulted unless --skip is given - Properly use open() modes to avoid injection attacks - More protection of @INC from relative paths - Don't try to run the signature test, which needs the network * Wed Aug 27 2014 Jitka Plesnikova - 0.73-5 - Perl 5.20 rebuild * Sat Jun 7 2014 Fedora Release Engineering - 0.73-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1209911 - perl-Module-Signature: unsigned files interpreted as signed in some circumstances https://bugzilla.redhat.com/show_bug.cgi?id=1209911 [ 2 ] Bug #1209915 - perl-Module-Signature: arbitrary code execution during test phase https://bugzilla.redhat.com/show_bug.cgi?id=1209915 [ 3 ] Bug #1209917 - perl-Module-Signature: arbitrary code execution when verifying module signatures https://bugzilla.redhat.com/show_bug.cgi?id=1209917 [ 4 ] Bug #1209918 - perl-Module-Signature: arbitrary modules loading in some circumstances https://bugzilla.redhat.com/show_bug.cgi?id=1209918 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update perl-Module-Signature' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . This enhancement tackles vulnerabilities tied to perl-Module-Signature, promoting enhanced safety and timely upgrades.. Perl Module Signature,Fedora 20 Security Update,Signature Management. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Apr 18, 2015 Critical Fedora
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":552,"type":"x","order":1,"pct":78.63,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.27,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.84,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.25,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here