Alerts This Week
Warning Icon 1 537
Alerts This Week
Warning Icon 1 537

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -3 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryimportantSUSE

SUSE: 2022:1304-1 Important: Tomcat Hardening Patch for Spring Issues

An update that contains security fixes can now be installed. . SUSE Security Update: Security update for tomcat ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1304-1 Rating: important References: #1198136 Affected Products: SUSE Enterprise Storage 7 SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS SUSE Linux Enterprise High Performance Computing 15-SP3 SUSE Linux Enterprise High Performance Computing 15-SP4 SUSE Linux Enterprise Module for Web Scripting 15-SP3 SUSE Linux Enterprise Module for Web Scripting 15-SP4 SUSE Linux Enterprise Server 15-SP2-BCL SUSE Linux Enterprise Server 15-SP2-LTSS SUSE Linux Enterprise Server 15-SP3 SUSE Linux Enterprise Server 15-SP4 SUSE Linux Enterprise Server for SAP 15-SP2 SUSE Linux Enterprise Server for SAP Applications 15-SP3 SUSE Linux Enterprise Server for SAP Applications 15-SP4 SUSE Manager Proxy 4.1 SUSE Manager Proxy 4.2 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.1 SUSE Manager Server 4.2 openSUSE Leap 15.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update for tomcat fixes the following issues: Security hardening, related to Spring Framework vulnerabilities: - Deprecate getResources() and always return null (bsc#1198136). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-1304=1 - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-1304=1 - SUSE Manager Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1304=1 - SUSE Manager Retail Branch Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1304=1 - SUSE Manager Proxy 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1304=1 - SUSE Linux Enterprise Server for SAP 15-SP2: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1304=1 - SUSE Linux Enterprise Server 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1304=1 - SUSE Linux Enterprise Server 15-SP2-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-1304=1 - SUSE Linux Enterprise Module for Web Scripting 15-SP4: zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP4-2022-1304=1 - SUSE Linux Enterprise Module for Web Scripting 15-SP3: zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP3-2022-1304=1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-1304=1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-1304=1 - SUSE Enterprise Storage 7: zypper in -t patch SUSE-Storage-7-2022-1304=1 Package List: - openSUSE Leap 15.4 (noarch): tomcat-9.0.36-150200.22.1 tomcat-admin-webapps-9.0.36-150200.22.1 tomcat-docs-webapp-9.0.36-150200.22.1 tomcat-el-3_0-api-9.0.36-150200.22.1 tomcat-embed-9.0.36-150200.22.1 tomcat-javadoc-9.0.36-150200.22.1 tomcat-jsp-2_3-api-9.0.36-150200.22.1 tomcat-jsvc-9.0.36-150200.22.1 tomcat-lib-9.0.36-150200.22.1 tomcat-servlet-4_0-api-9.0.36-150200.22.1 tomcat-webapps-9.0.36-150200.22.1 - openSUSE Leap 15.3 (noarch): tomcat-9.0.36-150200.22.1 tomcat-admin-webapps-9.0.36-150200.22.1 tomcat-docs-webapp-9.0.36-150200.22.1 tomcat-el-3_0-api-9.0.36-150200.22.1 tomcat-embed-9.0.36-150200.22.1 tomcat-javadoc-9.0.36-150200.22.1 tomcat-jsp-2_3-api-9.0.36-150200.22.1 tomcat-jsvc-9.0.36-150200.22.1 tomcat-lib-9.0.36-150200.22.1 tomcat-servlet-4_0-api-9.0.36-150200.22.1 tomcat-webapps-9.0.36-150200.22.1 - SUSE Manager Server 4.1 (noarch): tomcat-9.0.36-150200.22.1 tomcat-admin-webapps-9.0.36-150200.22.1 tomcat-el-3_0-api-9.0.36-150200.22.1 tomcat-jsp-2_3-api-9.0.36-150200.22.1 tomcat-lib-9.0.36-150200.22.1 tomcat-servlet-4_0-api-9.0.36-150200.22.1 tomcat-webapps-9.0.36-150200.22.1 - SUSE Manager Retail Branch Server 4.1 (noarch): tomcat-9.0.36-150200.22.1 tomcat-admin-webapps-9.0.36-150200.22.1 tomcat-el-3_0-api-9.0.36-150200.22.1 tomcat-jsp-2_3-api-9.0.36-150200.22.1 tomcat-lib-9.0.36-150200.22.1 tomcat-servlet-4_0-api-9.0.36-150200.22.1 tomcat-webapps-9.0.36-150200.22.1 - SUSE Manager Proxy 4.1 (noarch): tomcat-9.0.36-150200.22.1 tomcat-admin-webapps-9.0.36-150200.22.1 tomcat-el-3_0-api-9.0.36-150200.22.1 tomcat-jsp-2_3-api-9.0.36-150200.22.1 tomcat-lib-9.0.36-150200.22.1 tomcat-servlet-4_0-api-9.0.36-150200.22.1 tomcat-webapps-9.0.36-150200.22.1 - SUSE Linux Enterprise Server for SAP 15-SP2 (noarch): tomcat-9.0.36-150200.22.1 tomcat-admin-webapps-9.0.36-150200.22.1 tomcat-el-3_0-api-9.0.36-150200.22.1 tomcat-jsp-2_3-api-9.0.36-150200.22.1 tomcat-lib-9.0.36-150200.22.1 tomcat-servlet-4_0-api-9.0.36-150200.22.1 tomcat-webapps-9.0.36-150200.22.1 - SUSE Linux Enterprise Server 15-SP2-LTSS (noarch): tomcat-9.0.36-150200.22.1 tomcat-admin-webapps-9.0.36-150200.22.1 tomcat-el-3_0-api-9.0.36-150200.22.1 tomcat-jsp-2_3-api-9.0.36-150200.22.1 tomcat-lib-9.0.36-150200.22.1 tomcat-servlet-4_0-api-9.0.36-150200.22.1 tomcat-webapps-9.0.36-150200.22.1 - SUSE Linux Enterprise Server 15-SP2-BCL (noarch): tomcat-9.0.36-150200.22.1 tomcat-admin-webapps-9.0.36-150200.22.1 tomcat-el-3_0-api-9.0.36-150200.22.1 tomcat-jsp-2_3-api-9.0.36-150200.22.1 tomcat-lib-9.0.36-150200.22.1 tomcat-servlet-4_0-api-9.0.36-150200.22.1 tomcat-webapps-9.0.36-150200.22.1 - SUSE Linux Enterprise Module for Web Scripting 15-SP4 (noarch): tomcat-9.0.36-150200.22.1 tomcat-admin-webapps-9.0.36-150200.22.1 tomcat-el-3_0-api-9.0.36-150200.22.1 tomcat-jsp-2_3-api-9.0.36-150200.22.1 tomcat-lib-9.0.36-150200.22.1 tomcat-servlet-4_0-api-9.0.36-150200.22.1 tomcat-webapps-9.0.36-150200.22.1 - SUSE Linux Enterprise Module for Web Scripting 15-SP3 (noarch): tomcat-9.0.36-150200.22.1 tomcat-admin-webapps-9.0.36-150200.22.1 tomcat-el-3_0-api-9.0.36-150200.22.1 tomcat-jsp-2_3-api-9.0.36-150200.22.1 tomcat-lib-9.0.36-150200.22.1 tomcat-servlet-4_0-api-9.0.36-150200.22.1 tomcat-webapps-9.0.36-150200.22.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch): tomcat-9.0.36-150200.22.1 tomcat-admin-webapps-9.0.36-150200.22.1 tomcat-el-3_0-api-9.0.36-150200.22.1 tomcat-jsp-2_3-api-9.0.36-150200.22.1 tomcat-lib-9.0.36-150200.22.1 tomcat-servlet-4_0-api-9.0.36-150200.22.1 tomcat-webapps-9.0.36-150200.22.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch): tomcat-9.0.36-150200.22.1 tomcat-admin-webapps-9.0.36-150200.22.1 tomcat-el-3_0-api-9.0.36-150200.22.1 tomcat-jsp-2_3-api-9.0.36-150200.22.1 tomcat-lib-9.0.36-150200.22.1 tomcat-servlet-4_0-api-9.0.36-150200.22.1 tomcat-webapps-9.0.36-150200.22.1 - SUSE Enterprise Storage 7 (noarch): tomcat-9.0.36-150200.22.1 tomcat-admin-webapps-9.0.36-150200.22.1 tomcat-el-3_0-api-9.0.36-150200.22.1 tomcat-jsp-2_3-api-9.0.36-150200.22.1 tomcat-lib-9.0.36-150200.22.1 tomcat-servlet-4_0-api-9.0.36-150200.22.1 tomcat-webapps-9.0.36-150200.22.1 References: https://bugzilla.suse.com/1198136 . Critical Security Patch Released for Tomcat: Resolving Vulnerabilities and Guidance for Setup. Delve into Major Enhancements and Fixes.. Tomcat Security Patch, SUSE Update, Spring Framework Fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 22, 2022 Important SuSE
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorysoftware updatesecurity fix

SUSE: 2022:1294-1 Important: Tomcat Security Fixes and Spring Threats

An update that contains security fixes can now be installed. . SUSE Security Update: Security update for tomcat ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1294-1 Rating: important References: #1196137 #1198136 Affected Products: HPE Helion Openstack 8 SUSE Linux Enterprise Server 12-SP2-BCL SUSE Linux Enterprise Server 12-SP3-BCL SUSE Linux Enterprise Server 12-SP3-LTSS SUSE Linux Enterprise Server 12-SP4-LTSS SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Server for SAP 12-SP3 SUSE Linux Enterprise Server for SAP 12-SP4 SUSE Linux Enterprise Server for SAP Applications 12-SP5 SUSE Linux Enterprise Software Development Kit 12-SP5 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update for tomcat fixes the following issues: - Remove the log4j dependency as it is not used by the tomcat package (bsc#1196137) Security hardening, related to Spring Framework vulnerabilities: - Deprecate getResources() and always return null (bsc#1198136). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Crowbar 9: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2022-1294=1 - SUSE OpenStack Cloud Crowbar 8: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2022-1294=1 - SUSE OpenStack Cloud 9: zypper in -t patch SUSE-OpenStack-Cloud-9-2022-1294=1 - SUSE OpenStack Cloud 8: zypper in -t patch SUSE-OpenStack-Cloud-8-2022-1294=1 - SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-1294=1 - SUSE Linux Enterprise Server for SAP 12-SP4: zypper in -t patch SUSE-SLE-SAP-12-SP4-2022-1294=1 - SUSE Linux Enterprise Server for SAP 12-SP3: zypper in -t patch SUSE-SLE-SAP-12-SP3-2022-1294=1 - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-1294=1 - SUSE Linux Enterprise Server 12-SP4-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2022-1294=1 - SUSE Linux Enterprise Server 12-SP3-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2022-1294=1 - SUSE Linux Enterprise Server 12-SP3-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2022-1294=1 - SUSE Linux Enterprise Server 12-SP2-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2022-1294=1 - HPE Helion Openstack 8: zypper in -t patch HPE-Helion-OpenStack-8-2022-1294=1 Package List: - SUSE OpenStack Cloud Crowbar 9 (x86_64): javapackages-filesystem-5.3.1-14.7.3 - SUSE OpenStack Cloud Crowbar 8 (x86_64): javapackages-filesystem-5.3.1-14.7.3 - SUSE OpenStack Cloud Crowbar 8 (noarch): tomcat-8.0.53-29.54.1 tomcat-admin-webapps-8.0.53-29.54.1 tomcat-docs-webapp-8.0.53-29.54.1 tomcat-el-3_0-api-8.0.53-29.54.1 tomcat-javadoc-8.0.53-29.54.1 tomcat-jsp-2_3-api-8.0.53-29.54.1 tomcat-lib-8.0.53-29.54.1 tomcat-servlet-3_1-api-8.0.53-29.54.1 tomcat-webapps-8.0.53-29.54.1 - SUSE OpenStack Cloud 9 (x86_64): javapackages-filesystem-5.3.1-14.7.3 - SUSE OpenStack Cloud 8 (x86_64): javapackages-filesystem-5.3.1-14.7.3 - SUSE OpenStack Cloud 8 (noarch): tomcat-8.0.53-29.54.1 tomcat-admin-webapps-8.0.53-29.54.1 tomcat-docs-webapp-8.0.53-29.54.1 tomcat-el-3_0-api-8.0.53-29.54.1 tomcat-javadoc-8.0.53-29.54.1 tomcat-jsp-2_3-api-8.0.53-29.54.1 tomcat-lib-8.0.53-29.54.1 tomcat-servlet-3_1-api-8.0.53-29.54.1 tomcat-webapps-8.0.53-29.54.1 - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64): javapackages-filesystem-5.3.1-14.7.3 - SUSE Linux Enterprise Server for SAP 12-SP4 (ppc64le x86_64): javapackages-filesystem-5.3.1-14.7.3 - SUSE Linux Enterprise Server for SAP 12-SP3 (ppc64le x86_64): javapackages-filesystem-5.3.1-14.7.3 - SUSE Linux Enterprise Server for SAP 12-SP3 (noarch): tomcat-8.0.53-29.54.1 tomcat-admin-webapps-8.0.53-29.54.1 tomcat-docs-webapp-8.0.53-29.54.1 tomcat-el-3_0-api-8.0.53-29.54.1 tomcat-javadoc-8.0.53-29.54.1 tomcat-jsp-2_3-api-8.0.53-29.54.1 tomcat-lib-8.0.53-29.54.1 tomcat-servlet-3_1-api-8.0.53-29.54.1 tomcat-webapps-8.0.53-29.54.1 - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): javapackages-filesystem-5.3.1-14.7.3 - SUSE Linux Enterprise Server 12-SP4-LTSS (aarch64 ppc64le s390x x86_64): javapackages-filesystem-5.3.1-14.7.3 - SUSE Linux Enterprise Server 12-SP3-LTSS (aarch64 ppc64le s390x x86_64): javapackages-filesystem-5.3.1-14.7.3 - SUSE Linux Enterprise Server 12-SP3-LTSS (noarch): tomcat-8.0.53-29.54.1 tomcat-admin-webapps-8.0.53-29.54.1 tomcat-docs-webapp-8.0.53-29.54.1 tomcat-el-3_0-api-8.0.53-29.54.1 tomcat-javadoc-8.0.53-29.54.1 tomcat-jsp-2_3-api-8.0.53-29.54.1 tomcat-lib-8.0.53-29.54.1 tomcat-servlet-3_1-api-8.0.53-29.54.1 tomcat-webapps-8.0.53-29.54.1 - SUSE Linux Enterprise Server 12-SP3-BCL (noarch): tomcat-8.0.53-29.54.1 tomcat-admin-webapps-8.0.53-29.54.1 tomcat-docs-webapp-8.0.53-29.54.1 tomcat-el-3_0-api-8.0.53-29.54.1 tomcat-javadoc-8.0.53-29.54.1 tomcat-jsp-2_3-api-8.0.53-29.54.1 tomcat-lib-8.0.53-29.54.1 tomcat-servlet-3_1-api-8.0.53-29.54.1 tomcat-webapps-8.0.53-29.54.1 - SUSE Linux Enterprise Server 12-SP3-BCL (x86_64): javapackages-filesystem-5.3.1-14.7.3 - SUSE Linux Enterprise Server 12-SP2-BCL (x86_64): javapackages-filesystem-5.3.1-14.7.3 - SUSE Linux Enterprise Server 12-SP2-BCL (noarch): tomcat-8.0.53-29.54.1 tomcat-admin-webapps-8.0.53-29.54.1 tomcat-docs-webapp-8.0.53-29.54.1 tomcat-el-3_0-api-8.0.53-29.54.1 tomcat-javadoc-8.0.53-29.54.1 tomcat-jsp-2_3-api-8.0.53-29.54.1 tomcat-lib-8.0.53-29.54.1 tomcat-servlet-3_1-api-8.0.53-29.54.1 tomcat-webapps-8.0.53-29.54.1 - HPE Helion Openstack 8 (noarch): tomcat-8.0.53-29.54.1 tomcat-admin-webapps-8.0.53-29.54.1 tomcat-docs-webapp-8.0.53-29.54.1 tomcat-el-3_0-api-8.0.53-29.54.1 tomcat-javadoc-8.0.53-29.54.1 tomcat-jsp-2_3-api-8.0.53-29.54.1 tomcat-lib-8.0.53-29.54.1 tomcat-servlet-3_1-api-8.0.53-29.54.1 tomcat-webapps-8.0.53-29.54.1 - HPE Helion Openstack 8 (x86_64): javapackages-filesystem-5.3.1-14.7.3 References: https://bugzilla.suse.com/1196137 https://bugzilla.suse.com/1198136 . Significant SUSE upgrade deploys security patches for Tomcat, remedying severe flaws within the Spring Framework.. SUSE Linux, Tomcat Update, Security Advisory, Open Source Security, Software Patch. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 21, 2022 Important SuSE
Banner 1 1028x280 1708121660 1771599717
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorysecurity fiximportant

SUSE: 2022:1293-1 Critical Update for Tomcat Spring Security Hardening

An update that contains security fixes can now be installed. . SUSE Security Update: Security update for tomcat ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1293-1 Rating: important References: #1198136 Affected Products: SUSE CaaS Platform 4.0 SUSE Enterprise Storage 6 SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS SUSE Linux Enterprise Server 15-SP1-BCL SUSE Linux Enterprise Server 15-SP1-LTSS SUSE Linux Enterprise Server for SAP 15-SP1 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update for tomcat fixes the following issues: Security hardening, related to Spring Framework vulnerabilities: - Deprecate getResources() and always return null (bsc#1198136). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 15-SP1: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1293=1 - SUSE Linux Enterprise Server 15-SP1-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1293=1 - SUSE Linux Enterprise Server 15-SP1-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1293=1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-1293=1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-1293=1 - SUSE Enterprise Storage 6: zypper in -t patchSUSE-Storage-6-2022-1293=1 - SUSE CaaS Platform 4.0: To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. Package List: - SUSE Linux Enterprise Server for SAP 15-SP1 (noarch): tomcat-9.0.36-150100.4.76.1 tomcat-admin-webapps-9.0.36-150100.4.76.1 tomcat-el-3_0-api-9.0.36-150100.4.76.1 tomcat-jsp-2_3-api-9.0.36-150100.4.76.1 tomcat-lib-9.0.36-150100.4.76.1 tomcat-servlet-4_0-api-9.0.36-150100.4.76.1 tomcat-webapps-9.0.36-150100.4.76.1 - SUSE Linux Enterprise Server 15-SP1-LTSS (noarch): tomcat-9.0.36-150100.4.76.1 tomcat-admin-webapps-9.0.36-150100.4.76.1 tomcat-el-3_0-api-9.0.36-150100.4.76.1 tomcat-jsp-2_3-api-9.0.36-150100.4.76.1 tomcat-lib-9.0.36-150100.4.76.1 tomcat-servlet-4_0-api-9.0.36-150100.4.76.1 tomcat-webapps-9.0.36-150100.4.76.1 - SUSE Linux Enterprise Server 15-SP1-BCL (noarch): tomcat-9.0.36-150100.4.76.1 tomcat-admin-webapps-9.0.36-150100.4.76.1 tomcat-el-3_0-api-9.0.36-150100.4.76.1 tomcat-jsp-2_3-api-9.0.36-150100.4.76.1 tomcat-lib-9.0.36-150100.4.76.1 tomcat-servlet-4_0-api-9.0.36-150100.4.76.1 tomcat-webapps-9.0.36-150100.4.76.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch): tomcat-9.0.36-150100.4.76.1 tomcat-admin-webapps-9.0.36-150100.4.76.1 tomcat-el-3_0-api-9.0.36-150100.4.76.1 tomcat-jsp-2_3-api-9.0.36-150100.4.76.1 tomcat-lib-9.0.36-150100.4.76.1 tomcat-servlet-4_0-api-9.0.36-150100.4.76.1 tomcat-webapps-9.0.36-150100.4.76.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch): tomcat-9.0.36-150100.4.76.1 tomcat-admin-webapps-9.0.36-150100.4.76.1 tomcat-el-3_0-api-9.0.36-150100.4.76.1 tomcat-jsp-2_3-api-9.0.36-150100.4.76.1 tomcat-lib-9.0.36-150100.4.76.1 tomcat-servlet-4_0-api-9.0.36-150100.4.76.1 tomcat-webapps-9.0.36-150100.4.76.1 - SUSE Enterprise Storage 6 (noarch): tomcat-9.0.36-150100.4.76.1 tomcat-admin-webapps-9.0.36-150100.4.76.1 tomcat-el-3_0-api-9.0.36-150100.4.76.1 tomcat-jsp-2_3-api-9.0.36-150100.4.76.1 tomcat-lib-9.0.36-150100.4.76.1 tomcat-servlet-4_0-api-9.0.36-150100.4.76.1 tomcat-webapps-9.0.36-150100.4.76.1 - SUSE CaaS Platform 4.0 (noarch): tomcat-9.0.36-150100.4.76.1 tomcat-admin-webapps-9.0.36-150100.4.76.1 tomcat-el-3_0-api-9.0.36-150100.4.76.1 tomcat-jsp-2_3-api-9.0.36-150100.4.76.1 tomcat-lib-9.0.36-150100.4.76.1 tomcat-servlet-4_0-api-9.0.36-150100.4.76.1 tomcat-webapps-9.0.36-150100.4.76.1 References: https://bugzilla.suse.com/1198136 . This release for Tomcat features crucial vulnerability corrections and guidance on how to apply the necessary updates.. Tomcat Security Fix,SUSE Linux Security,SUSE Update Process. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 21, 2022 Important SuSE
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorysecurity updateremote code execution

Low Risk RCE Alert RHSA-2022:1378-01 for Red Hat Process Automation 7.12.1

An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Low: Red Hat Process Automation Manager 7.12.1 security update Advisory ID: RHSA-2022:1378-01 Product: Red Hat Process Automation Manager Advisory URL: https://access.redhat.com/errata/RHSA-2022:1378 Issue date: 2022-04-14 CVE Names: CVE-2022-22965 ==================================================================== 1. Summary: An update is now available for Red Hat Process Automation Manager. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This asynchronous security patch is an update to Red Hat Process Automation Manager 7. Security Fix(es): * spring-webmvc: spring-framework: RCE via Data Binding on JDK 9+ (CVE-2022-22965) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 3. Solution: A Spring MVC or Spring WebFlux application running on JDK 9 and above may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to runon Tomcat as a WAR deployment. This release upgrades Spring to 5.3.18 and Spring Boot to 2.6.6 which fixes the Spring MVC and WebFlux jars. For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on. It is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process. The References section of this erratum contains a download link (you must log in to download the update). 4. Bugs fixed (https://bugzilla.redhat.com/): 2070348 - CVE-2022-22965 spring-framework: RCE via Data Binding on JDK 9+ 5. References: https://access.redhat.com/security/cve/CVE-2022-22965 https://access.redhat.com/security/updates/classification#low https://access.redhat.com/security/vulnerabilities/RHSB-2022-003 https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=rhpam&downloadType=securityPatches&version=7.12.1 6. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYlidJtzjgjWX9erEAQj9qw//Tpvclr+/j53jkkMoXgsNRkBO7PN0SMLb 66T7YlFnn7dqKxAtpTMGVlVTT7ulN1ANxLwcb6+6GpvKAeYGKJHKgerMag1RL2NJ /6PAstNRQkbm99XfFdhI30hUu89pX2u3kN5mneH1mzgha73wgAm8t0Z2tAf2uTCk MfvtTSO7NbBPAjSccPebIOgAULsBHifXop82oF6YWeVJvm1gcrd8fFvq7fSqGDxU rWa+eheQzxxwrfADv3xQu/Xe8z2t0ImiYpZAdAdeozBEQ+MFZNEafXu1TBwmVbYo Rg0lL3lK6aYslpaWC48JdVRcoprAgZ6B1nH7D4cfOzl+R7MeCu3ixNQ/lpN3kheB 1RjhSCvRnNunS/7YBri0rFCFTBBVrbq9AnMWvvrwBRZOi1zhn2OW++QEi0XYVLyy f95wUvdOYs7xFTDOO2DReQC3hiBqn6IbRMLNvrlgRc21pMPxIJz6Fr6N8qtDZ7O1 WlOg0lstGeGGradAZWiNhYfMsdSVBw0BDtgTvm6i2KAOBHNuxgN5/6GYGHUJyUuf mccTr9QwSAaLOMDI5WkPe/CvEBVfrJ5KE/vVLy129V737nWYbWcnAJFAPj6iI/xN 0BiHJ87LKW4wl/eVTit/+KBewAFC8XOe/4GtEFYNhj1Dagl5UysFS4WfFNJid7i2 agmYcTpNsDY=GOae -----END PGPSIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://listman.redhat.com/mailman/listinfo/rhsa-announce . Red Hat has issued a minor security patch for Process Automation Manager 7.12.1 to resolve significant vulnerabilities.. Red Hat Process Automation Manager, Low Impact Update, Remote Code Execution, Security Policies. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Apr 14, 2022 Low Red Hat
Banner 1 1028x280 1708121660 1771599717
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorysoftware updatesecurity fix

SUSE: 2022:1217-1 Important: Tomcat Security Update for Spring Framework

An update that contains security fixes can now be installed. . SUSE Security Update: Security update for tomcat ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1217-1 Rating: important References: #1198136 Affected Products: SUSE Linux Enterprise Server 12-SP4-LTSS SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Server for SAP 12-SP4 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 9 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update for tomcat fixes the following issues: Security hardening, related to Spring Framework vulnerabilities: - Deprecate getResources() and always return null (bsc#1198136). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Crowbar 9: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2022-1217=1 - SUSE OpenStack Cloud 9: zypper in -t patch SUSE-OpenStack-Cloud-9-2022-1217=1 - SUSE Linux Enterprise Server for SAP 12-SP4: zypper in -t patch SUSE-SLE-SAP-12-SP4-2022-1217=1 - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-1217=1 - SUSE Linux Enterprise Server 12-SP4-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2022-1217=1 Package List: - SUSE OpenStack Cloud Crowbar 9 (noarch): tomcat-9.0.36-3.87.1 tomcat-admin-webapps-9.0.36-3.87.1 tomcat-docs-webapp-9.0.36-3.87.1 tomcat-el-3_0-api-9.0.36-3.87.1 tomcat-javadoc-9.0.36-3.87.1 tomcat-jsp-2_3-api-9.0.36-3.87.1 tomcat-lib-9.0.36-3.87.1 tomcat-servlet-4_0-api-9.0.36-3.87.1 tomcat-webapps-9.0.36-3.87.1 - SUSE OpenStack Cloud 9 (noarch): tomcat-9.0.36-3.87.1 tomcat-admin-webapps-9.0.36-3.87.1 tomcat-docs-webapp-9.0.36-3.87.1 tomcat-el-3_0-api-9.0.36-3.87.1 tomcat-javadoc-9.0.36-3.87.1 tomcat-jsp-2_3-api-9.0.36-3.87.1 tomcat-lib-9.0.36-3.87.1 tomcat-servlet-4_0-api-9.0.36-3.87.1 tomcat-webapps-9.0.36-3.87.1 - SUSE Linux Enterprise Server for SAP 12-SP4 (noarch): tomcat-9.0.36-3.87.1 tomcat-admin-webapps-9.0.36-3.87.1 tomcat-docs-webapp-9.0.36-3.87.1 tomcat-el-3_0-api-9.0.36-3.87.1 tomcat-javadoc-9.0.36-3.87.1 tomcat-jsp-2_3-api-9.0.36-3.87.1 tomcat-lib-9.0.36-3.87.1 tomcat-servlet-4_0-api-9.0.36-3.87.1 tomcat-webapps-9.0.36-3.87.1 - SUSE Linux Enterprise Server 12-SP5 (noarch): tomcat-9.0.36-3.87.1 tomcat-admin-webapps-9.0.36-3.87.1 tomcat-docs-webapp-9.0.36-3.87.1 tomcat-el-3_0-api-9.0.36-3.87.1 tomcat-javadoc-9.0.36-3.87.1 tomcat-jsp-2_3-api-9.0.36-3.87.1 tomcat-lib-9.0.36-3.87.1 tomcat-servlet-4_0-api-9.0.36-3.87.1 tomcat-webapps-9.0.36-3.87.1 - SUSE Linux Enterprise Server 12-SP4-LTSS (noarch): tomcat-9.0.36-3.87.1 tomcat-admin-webapps-9.0.36-3.87.1 tomcat-docs-webapp-9.0.36-3.87.1 tomcat-el-3_0-api-9.0.36-3.87.1 tomcat-javadoc-9.0.36-3.87.1 tomcat-jsp-2_3-api-9.0.36-3.87.1 tomcat-lib-9.0.36-3.87.1 tomcat-servlet-4_0-api-9.0.36-3.87.1 tomcat-webapps-9.0.36-3.87.1 References: https://bugzilla.suse.com/1198136 . Critical patch released for Tomcat to improve protection. Adhere to installation guidelines for SUSE Linux environments.. SUSE Update, Tomcat Patch, Spring Framework Security, Linux Security Fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 14, 2022 Important SuSE
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoracritical fix

Fedora 21 FEDORA-2015-9295d75400 Critical: Spring Framework RFD

Security fix for CVE-2015-5211. Update to 3.2.15.RELEASE. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2015-9295d75400 2015-11-01 18:13:40.461229 -------------------------------------------------------------------------------- Name : springframework Product : Fedora 21 Version : 3.2.15 Release : 1.fc21 URL : https://spring.io/projects/spring-framework/ Summary : Spring Java Application Framework Description : Spring is a layered Java/J2EE application framework, based on code published in Expert One-on-One J2EE Design and Development by Rod Johnson (Wrox, 2002). -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2015-5211. Update to 3.2.15.RELEASE -------------------------------------------------------------------------------- References: [ 1 ] Bug #1272946 - CVE-2015-5211 Spring Framework: Reflected File Download (RFD) vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=1272946 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update springframework' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://lists.fedoraproject.org/admin/lists/package-announce.lists.fedoraproject.org/ . Upgrade to Spring Framework 3.2.15 addresses significant RFD vulnerability in Fedora 21. Safeguard your environments by applying this update.. Fedora Security Update, SpringFramework Patch, Reflected Download Threat. .Severity: Critical. LinuxSecurity.com Team

Calendar 2 Nov 01, 2015 Critical Fedora
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here