Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


SciLinux: SLSA-2019-0622-1 Critical: Firefox Memory Safety Fixes

Synopsis: Critical: firefox security update
Advisory ID: SLSA-2019:0622-1
Issue Date: 2019-03-20
CVE Numbers: CVE-2018-18506 CVE-2019-9788 CVE-2019-9790 CVE-2019-9791 CVE-2019-9792 CVE-2019-9793 CVE-2019-9795 CVE-2019-9796
--

This update upgrades Firefox to version 60.6.0 ESR.

Security Fix(es):

* Mozilla: Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6 (CVE-2019-9788)
* Mozilla: Use-after-free when removing in-use DOM elements (CVE-2019-9790)
* Mozilla: Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey (CVE-2019-9791)
* Mozilla: IonMonkey leaks JS_OPTIMIZED_OUT magic value to script (CVE-2019-9792)
* Mozilla: Improper bounds checks when Spectre mitigations are disabled (CVE-2019-9793)
* Mozilla: Type-confusion in IonMonkey JIT compiler (CVE-2019-9795)
* Mozilla: Use-after-free with SMIL animation controller (CVE-2019-9796)
* Mozilla: Proxy Auto-Configuration file can define localhost access to be proxied (CVE-2018-18506)
--

SL7 x86_64
firefox-60.6.0-3.el7_6.x86_64.rpm
firefox-debuginfo-60.6.0-3.el7_6.x86_64.rpm
firefox-60.6.0-3.el7_6.i686.rpm
firefox-debuginfo-60.6.0-3.el7_6.i686.rpm

- Scientific Linux Development Team

Severity: Critical.
LinuxSecurity.com Team

Mar 20, 2019 Critical Scientific Linux

SUSE: 2018:1362-2 Important: Qemu Spectre V4 Mitigation Support

SUSE Security Update: Security update for qemu
______________________________________________________________________________

Announcement ID: SUSE-SU-2018:1362-2
Rating: important
References: #1079405 #1092885
Cross-References: CVE-2018-3639
Affected Products: SUSE Linux Enterprise Server 12-SP2-BCL
______________________________________________________________________________

An update that solves one vulnerability and has one errata is now available.

Description:

This update for qemu fixes several issues.

This security issue was fixed:

- CVE-2018-3639: Spectre v4 vulnerability mitigation support for KVM guests (bsc#1092885). Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. This patch permits the new x86 cpu feature flag named "ssbd" to be presented to the guest, given that the host has this feature, and KVM exposes it to the guest as well. For this feature to be enabled please use the qemu commandline -cpu $MODEL,+spec-ctrl,+ssbd so the guest OS can take advantage of the feature. spec-ctrl and ssbd support is also required in the host.

This feature was added:

- Add support for block resize support for xen disks through the monitor

This non-security issue was fixed:

- bsc#1079405: Add new look up path "sys/class/tpm" for tpm cancel path based on Linux 4.0 change

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Server 12-SP2-BCL:

  zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2018-946=1

Package List:

- SUSE Linux Enterprise Server 12-SP2-BCL (noarch):

  qemu-ipxe-1.0.0-41.40.1
  qemu-seabios-1.9.1-41.40.1
  qemu-sgabios-8-41.40.1
  qemu-vgabios-1.9.1-41.40.1

- SUSE Linux Enterprise Server 12-SP2-BCL (x86_64):

  qemu-2.6.2-41.40.1
  qemu-block-curl-2.6.2-41.40.1
  qemu-block-curl-debuginfo-2.6.2-41.40.1
  qemu-block-rbd-2.6.2-41.40.1
  qemu-block-rbd-debuginfo-2.6.2-41.40.1
  qemu-block-ssh-2.6.2-41.40.1
  qemu-block-ssh-debuginfo-2.6.2-41.40.1
  qemu-debugsource-2.6.2-41.40.1
  qemu-guest-agent-2.6.2-41.40.1
  qemu-guest-agent-debuginfo-2.6.2-41.40.1
  qemu-kvm-2.6.2-41.40.1
  qemu-lang-2.6.2-41.40.1
  qemu-tools-2.6.2-41.40.1
  qemu-tools-debuginfo-2.6.2-41.40.1
  qemu-x86-2.6.2-41.40.1
  qemu-x86-debuginfo-2.6.2-41.40.1

References:

https://www.suse.com/security/cve/CVE-2018-3639.html
https://bugzilla.suse.com/1079405
https://bugzilla.suse.com/1092885

Severity: Important.
LinuxSecurity.com Team

Oct 18, 2018 Important SuSE

Debian: DSA-4210-1 Moderate: Xen Spectre V4 Mitigation Announcement

Debian Security Advisory DSA-4210-1
https://www.debian.org/security/
Moritz Muehlenhoff
May 25, 2018
https://www.debian.org/security/faq

Package : xen
CVE ID : CVE-2018-3639

This update provides mitigations for the Spectre v4 variant in x86-based micro processors. On Intel CPUs this requires updated microcode which is currently not released publicly (but your hardware vendor may have issued an update). For servers with AMD CPUs no microcode update is needed, please refer to https://xenbits.xen.org/xsa/advisory-263.html for further information.

For the stable distribution (stretch), this problem has been fixed in version 4.8.3+xsa262+shim4.10.0+comet3-1+deb9u7.

We recommend that you upgrade your xen packages.

For the detailed security status of xen please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/xen

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

LinuxSecurity.com Team

May 25, 2018 Debian

Fedora 26: Icecat Update RHSA-2018:0520 Security: Spectre Mitigation

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-e1539d9bc6
2018-01-17 22:33:42.956915
--------------------------------------------------------------------------------

Name : icecat
Product : Fedora 26
Version : 52.5.3
Release : 2.fc26
URL :
Summary : GNU version of Firefox browser
Description :
GNUZilla Icecat is a fully-free fork of Mozilla Firefox ESR. Extensions included to this version of IceCat:

* LibreJS
  GNU LibreJS aims to address the JavaScript problem described in Richard Stallman's article The JavaScript Trap.
* SpyBlock
  Blocks privacy trackers while in normal browsing mode, and all third party requests when in private browsing mode. Based on Adblock Plus.
* AboutIceCat
  Adds a custom "about:icecat" homepage with links to information about the free software and privacy features in IceCat, and check-boxes to enable and disable the ones more prone to break websites.
* HTML5-video-everywhere
  Uses the native video player to play embedded videos from different sources
* Fingerprinting countermeasures:
  Fingerprinting is a series of techniques allowing to uniquely identify a browser based on specific characteristics of that particular instance (like what fonts are available in that machine). Unlike cookies the user cannot opt-out of being tracked this way, so the browser has to avoid giving away that kind of hints.

--------------------------------------------------------------------------------
Update Information:

- Update to 52.5.3
- Patched for mozilla bug-1427870 (spectre mitigation)
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade icecat' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/

Severity: Important.
LinuxSecurity.com Team

Jan 17, 2018 Important Fedora

Fedora 26: 2018-e6fe35524d Critical: Kernel Spectre Mitigations

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2018-e6fe35524d
2018-01-13 20:56:41.622209
--------------------------------------------------------------------------------

Name : kernel
Product : Fedora 26
Version : 4.14.13
Release : 200.fc26
URL : https://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel meta package

--------------------------------------------------------------------------------
Update Information:

The 4.14.13 stable kernel update contains a number of important fixes across the tree. This is also the first update to contain some spectre mitigations. Some patches for variant 1 as well as the initial retpoline build for variant 2. These variant 2 mitigations will improve with further patches, and once compiler support is improved.
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1514969 - Bug in backlight handling renders system almost unusable
      https://bugzilla.redhat.com/show_bug.cgi?id=1514969
[ 2 ] Bug #1531182 - Out-of-tree kernel modules fail to build on aarch64
      https://bugzilla.redhat.com/show_bug.cgi?id=1531182
[ 3 ] Bug #1532058 - CONFIG_RESET_ATTACK_MITIGATION forces Lenovo X220 to hard power off and power on instead of reboot
      https://bugzilla.redhat.com/show_bug.cgi?id=1532058
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade kernel' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/

Severity: Critical.
LinuxSecurity.com Team

Jan 13, 2018 Critical Fedora