Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

Arch Linux: 202311-01 Critical: Gnome Shell Session Vulnerability Exploit

The package slock before version 1.4-2 is vulnerable to access restriction bypass.

Arch Linux Security Advisory ASA-201611-21
==========================================

Severity: Medium
Date    : 2016-11-21
CVE-ID  : CVE-2016-6866
Package : slock
Type    : access restriction bypass
Remote  : No
Link    : https://wiki.archlinux.org/title/CVE

Summary
=======

The package slock before version 1.4-2 is vulnerable to access restriction bypass.

Resolution
==========

Upgrade to 1.4-2.

# pacman -Syu "slock>=1.4-2"

The problem has been fixed upstream in version 1.4.

Workaround
==========

None.

Description
===========

A null pointer dereference vulnerability has been discovered in the screen locking application slock. It calls crypt(3) and uses the return value for strcmp(3) without checking to see if the return value of crypt(3) was a NULL pointer. If the hash returned by (getspnam()->sp_pwdp) is invalid, crypt(3) will return NULL and set errno to EINVAL. This will cause slock to segfault which then leaves the machine unprotected.

A couple of common scenarios where this might happen are:
- a machine using NSS for authentication; on the machine this bug was discovered, (getspnam()->sp_pwdp) returns "*".
- the user's account has been disabled for one reason or another; maybe account expiry or password expiry.

Impact
======

A local attacker might be able to bypass access restrictions when locking the screen fails under certain circumstances.

References
==========

https://seclists.org/oss-sec/2016/q3/333
https://access.redhat.com/security/cve/CVE-2016-6866

Arch Linux Security Notice resolving slock access control vulnerability categorized as Medium risk, update suggested. slock security issues, Arch Linux updates, access restriction vulnerability. Severity: Medium. LinuxSecurity.com Team

Nov 21, 2016 Medium ArchLinux

Fedora 23: 2016-7e817cbf55 Moderate: slock Crash Due To Invalid Hash

This release fixes CVE-2016-6866, a crash when verifying a password for a user without a valid shadow hash entry.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2016-7e817cbf55
2016-09-09 16:20:23.689401
--------------------------------------------------------------------------------

Name        : slock
Product     : Fedora 23
Version     : 1.3
Release     : 2.fc23
URL         : http://tools.suckless.org/slock/
Summary     : Simple X display locker
Description :
This is the simplest X screen locker we are aware of. It is stable and quite a lot people in this community are using it every day when they are out with friends or fetching some food from the local pub.

--------------------------------------------------------------------------------
Update Information:

This release fixes CVE-2016-6866, a crash when verifying a password for a user without a valid shadow hash entry.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1368369 - CVE-2016-6866 slock: Null pointer dereference results in segmentation fault
        https://bugzilla.redhat.com/show_bug.cgi?id=1368369
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update slock' at the command line.
For more information, refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
package-announce mailing list

Fedora 23 slock patch resolves bug causing crashes during password verification if no shadow hash entry is present. Fedora 23 Update, slock Security Fix, software vulnerability, password verification issue. Severity: Important. LinuxSecurity.com Team

Sep 09, 2016 Important Fedora

Fedora 24: slock Crash Fix Advisory for Shadow Hash Issue

This release fixes CVE-2016-6866, a crash when verifying a password for a user without a valid shadow hash entry.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2016-985b68721b
2016-09-09 16:20:18.939263
--------------------------------------------------------------------------------

Name        : slock
Product     : Fedora 24
Version     : 1.3
Release     : 2.fc24
URL         : http://tools.suckless.org/slock/
Summary     : Simple X display locker
Description :
This is the simplest X screen locker we are aware of. It is stable and quite a lot people in this community are using it every day when they are out with friends or fetching some food from the local pub.

--------------------------------------------------------------------------------
Update Information:

This release fixes CVE-2016-6866, a crash when verifying a password for a user without a valid shadow hash entry.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1368369 - CVE-2016-6866 slock: Null pointer dereference results in segmentation fault
        https://bugzilla.redhat.com/show_bug.cgi?id=1368369
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update slock' at the command line.
For more information, refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
package-announce mailing list

Debian 9 upgrade addresses OpenSSH authentication failure caused by malformed public keys, improving system stability. Fedora Security Updates, slock Crash Fix, User Authentication Issues. Severity: Critical. LinuxSecurity.com Team

Sep 09, 2016 Critical Fedora

Fedora 36: FEDORA-2023-7c2b21f6b4 high: xorg-server Buffer Overflow

This release fixes CVE-2016-6866, a crash when verifying a password for a user without a valid shadow hash entry.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2016-1b7e66c08b
2016-09-05 17:51:00.341573
--------------------------------------------------------------------------------

Name        : slock
Product     : Fedora 25
Version     : 1.3
Release     : 2.fc25
URL         : http://tools.suckless.org/slock/
Summary     : Simple X display locker
Description :
This is the simplest X screen locker we are aware of. It is stable and quite a lot people in this community are using it every day when they are out with friends or fetching some food from the local pub.

--------------------------------------------------------------------------------
Update Information:

This release fixes CVE-2016-6866, a crash when verifying a password for a user without a valid shadow hash entry.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1368369 - CVE-2016-6866 slock: Null pointer dereference results in segmentation fault
        https://bugzilla.redhat.com/show_bug.cgi?id=1368369
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update slock' at the command line.
For more information, refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
package-announce mailing list

Debian 9 patches glibc to fix CVE-2018-1000719 vulnerability, bolstering system protection. slock security update, Fedora 25, crash fix. LinuxSecurity.com Team

Sep 05, 2016 Fedora