Explore Latest Linux Security Advisories

Debian LTS DLA-3794-1 Critical: Putty SSH Threat Remediation

-------------------------------------------------------------------------
Debian LTS Advisory DLA-3794-1                https://www.debian.org/lts/security/
Bastien Roucariès                                            April 25, 2024
                                                    https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : putty
Version        : 0.74-1+deb11u1~deb10u1
CVE ID         : CVE-2019-17069 CVE-2020-14002 CVE-2021-36367 CVE-2023-48795
Debian Bug     : 990901

Putty, a Telnet/SSH client for X, was vulnerable.

CVE-2019-17069

    PuTTY allowed remote SSH-1 servers to cause a denial of service by
    accessing freed memory locations via an SSH1_MSG_DISCONNECT message.

CVE-2020-14002

    PuTTY had an Observable Discrepancy leading to an information leak in
    the algorithm negotiation. This allowed man-in-the-middle attackers to
    target initial connection attempts (where no host key for the server
    has been cached by the client).

CVE-2021-36367

    PuTTY proceeded with establishing an SSH session even if it has never
    sent a substantive authentication response. This made it easier for an
    attacker-controlled SSH server to present a later spoofed
    authentication prompt (that the attacker can use to capture credential
    data, and use that data for purposes that are undesired by the client
    user).

CVE-2023-48795

    PuTTY was vulnerable to the Terrapin attack. The SSH transport protocol
    with certain OpenSSH extensions allowed remote attackers to bypass
    integrity checks such that some packets are omitted (from the extension
    negotiation message), and a client and server may consequently end up
    with a connection for which some security features have been downgraded
    or disabled. This occurs because the SSH Binary Packet Protocol (BPP),
    implemented by these extensions, mishandles the handshake phase and
    mishandles use of sequence numbers. For example, there is an effective
    attack against SSH's use of ChaCha20-Poly1305 (and CBC with
    Encrypt-then-MAC). The bypass occurs in chacha20-poly1305 and (if CBC
    is used) the -etm MAC algorithms.

For Debian 10 buster, this problem has been fixed in version
0.74-1+deb11u1~deb10u1.

We recommend that you upgrade your putty packages.

For the detailed security status of putty please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/source-package/putty

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be found
at: https://wiki.debian.org/LTS

Debian LTS Advisory DLA-3794-1 addresses critical security vulnerabilities in PuTTY, urging users to upgrade promptly to safeguard their data integrity.

Severity: Critical. LinuxSecurity.com Team

Apr 25, 2024 | Critical | Debian LTS

Debian LTS: DLA-2860-1 Critical Security Advisory for Paramiko

---------------------------------------------------------------------
Debian LTS Advisory DLA-2860-1                https://www.debian.org/lts/security/
Utkarsh Gupta                                             December 28, 2021
                                                    https://wiki.debian.org/LTS
---------------------------------------------------------------------

Package        : paramiko
Version        : 2.0.0-1+deb9u1
CVE ID         : CVE-2018-7750 CVE-2018-1000805
Debian Bug     : 892859 910760

A couple of vulnerabilities were found in paramiko, an implementation of
the SSHv2 protocol in Python.

CVE-2018-1000805

    Fix to prevent malicious clients from tricking the Paramiko server
    into thinking an unauthenticated client is authenticated.

CVE-2018-7750

    Fix check whether authentication is completed before processing other
    requests. A customized SSH client can simply skip the authentication
    step.

For Debian 9 stretch, these problems have been fixed in version
2.0.0-1+deb9u1.

We recommend that you upgrade your paramiko packages.

For the detailed security status of paramiko please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/source-package/paramiko

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be found
at: https://wiki.debian.org/LTS

Debian LTS Advisory DLA-2861-1 concerns vulnerabilities in the paramiko library impacting the SSHv2 protocol functionality.

Severity: Critical. LinuxSecurity.com Team

Dec 28, 2021 | Critical | Debian LTS

Red Hat Enterprise Linux 8 Update RHSA-2019-3702-01 Fixes for OpenSSH Bug

====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: openssh security, bug fix, and enhancement update
Advisory ID:       RHSA-2019:3702-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2019:3702
Issue date:        2019-11-05
CVE Names:         CVE-2018-20685 CVE-2019-6109 CVE-2019-6111
====================================================================

1. Summary:

An update for openssh is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

OpenSSH is an SSH protocol implementation supported by a number of Linux,
UNIX, and similar operating systems. It includes the core files necessary
for both the OpenSSH client and server.

The following packages have been upgraded to a later upstream version:
openssh (8.0p1). (BZ#1691045)

Security Fix(es):

* openssh: scp client improper directory name validation (CVE-2018-20685)

* openssh: Improper validation of object names allows malicious server to
overwrite files via scp client (CVE-2019-6111)

* openssh: Missing character encoding in progress display allows for
spoofing of scp client output (CVE-2019-6109)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.1 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the OpenSSH server daemon (sshd) will be
restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1665785 - CVE-2018-20685 openssh: scp client improper directory name validation
1666119 - CVE-2019-6109 openssh: Missing character encoding in progress display allows for spoofing of scp client output
1666127 - CVE-2019-6111 openssh: Improper validation of object names allows malicious server to overwrite files via scp client
1667519 - ssh-copy-id hangs when the remote system is out of space
1668325 - openssh - man pages do not mention crypto-policies
1683295 - Kerberos cleanup procedures do not work with GSSAPIDelegateCredentials and default ccache from krb5.conf
1685096 - In FIPS mode, during DH group exchange, OpenSSH client should validate the received moduli, making sure it is one of the known groups.
1686065 - SSH connections get closed when time-based rekeying is used and ClientAliveMaxCount=0
1691045 - Rebase OpenSSH to latest release (8.0p1?)
1707485 - Use high-level API to do signatures
1712436 - MD5 is used when writing password protected PEM
1732424 - ssh-keygen -A fails in FIPS mode because of DSA key
1732449 - rsa-sha2-*... host key types are ignored in FIPS despite being in the policy

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

aarch64:
openssh-askpass-8.0p1-3.el8.aarch64.rpm
openssh-askpass-debuginfo-8.0p1-3.el8.aarch64.rpm
openssh-cavs-debuginfo-8.0p1-3.el8.aarch64.rpm
openssh-clients-debuginfo-8.0p1-3.el8.aarch64.rpm
openssh-debuginfo-8.0p1-3.el8.aarch64.rpm
openssh-debugsource-8.0p1-3.el8.aarch64.rpm
openssh-keycat-debuginfo-8.0p1-3.el8.aarch64.rpm
openssh-ldap-debuginfo-8.0p1-3.el8.aarch64.rpm
openssh-server-debuginfo-8.0p1-3.el8.aarch64.rpm
pam_ssh_agent_auth-debuginfo-0.10.3-7.3.el8.aarch64.rpm

ppc64le:
openssh-askpass-8.0p1-3.el8.ppc64le.rpm
openssh-askpass-debuginfo-8.0p1-3.el8.ppc64le.rpm
openssh-cavs-debuginfo-8.0p1-3.el8.ppc64le.rpm
openssh-clients-debuginfo-8.0p1-3.el8.ppc64le.rpm
openssh-debuginfo-8.0p1-3.el8.ppc64le.rpm
openssh-debugsource-8.0p1-3.el8.ppc64le.rpm
openssh-keycat-debuginfo-8.0p1-3.el8.ppc64le.rpm
openssh-ldap-debuginfo-8.0p1-3.el8.ppc64le.rpm
openssh-server-debuginfo-8.0p1-3.el8.ppc64le.rpm
pam_ssh_agent_auth-debuginfo-0.10.3-7.3.el8.ppc64le.rpm

s390x:
openssh-askpass-8.0p1-3.el8.s390x.rpm
openssh-askpass-debuginfo-8.0p1-3.el8.s390x.rpm
openssh-cavs-debuginfo-8.0p1-3.el8.s390x.rpm
openssh-clients-debuginfo-8.0p1-3.el8.s390x.rpm
openssh-debuginfo-8.0p1-3.el8.s390x.rpm
openssh-debugsource-8.0p1-3.el8.s390x.rpm
openssh-keycat-debuginfo-8.0p1-3.el8.s390x.rpm
openssh-ldap-debuginfo-8.0p1-3.el8.s390x.rpm
openssh-server-debuginfo-8.0p1-3.el8.s390x.rpm
pam_ssh_agent_auth-debuginfo-0.10.3-7.3.el8.s390x.rpm

x86_64:
openssh-askpass-8.0p1-3.el8.x86_64.rpm
openssh-askpass-debuginfo-8.0p1-3.el8.x86_64.rpm
openssh-cavs-debuginfo-8.0p1-3.el8.x86_64.rpm
openssh-clients-debuginfo-8.0p1-3.el8.x86_64.rpm
openssh-debuginfo-8.0p1-3.el8.x86_64.rpm
openssh-debugsource-8.0p1-3.el8.x86_64.rpm
openssh-keycat-debuginfo-8.0p1-3.el8.x86_64.rpm
openssh-ldap-debuginfo-8.0p1-3.el8.x86_64.rpm
openssh-server-debuginfo-8.0p1-3.el8.x86_64.rpm
pam_ssh_agent_auth-debuginfo-0.10.3-7.3.el8.x86_64.rpm

Red Hat Enterprise Linux BaseOS (v. 8):

Source:
openssh-8.0p1-3.el8.src.rpm

aarch64:
openssh-8.0p1-3.el8.aarch64.rpm
openssh-askpass-debuginfo-8.0p1-3.el8.aarch64.rpm
openssh-cavs-8.0p1-3.el8.aarch64.rpm
openssh-cavs-debuginfo-8.0p1-3.el8.aarch64.rpm
openssh-clients-8.0p1-3.el8.aarch64.rpm
openssh-clients-debuginfo-8.0p1-3.el8.aarch64.rpm
openssh-debuginfo-8.0p1-3.el8.aarch64.rpm
openssh-debugsource-8.0p1-3.el8.aarch64.rpm
openssh-keycat-8.0p1-3.el8.aarch64.rpm
openssh-keycat-debuginfo-8.0p1-3.el8.aarch64.rpm
openssh-ldap-8.0p1-3.el8.aarch64.rpm
openssh-ldap-debuginfo-8.0p1-3.el8.aarch64.rpm
openssh-server-8.0p1-3.el8.aarch64.rpm
openssh-server-debuginfo-8.0p1-3.el8.aarch64.rpm
pam_ssh_agent_auth-0.10.3-7.3.el8.aarch64.rpm
pam_ssh_agent_auth-debuginfo-0.10.3-7.3.el8.aarch64.rpm

ppc64le:
openssh-8.0p1-3.el8.ppc64le.rpm
openssh-askpass-debuginfo-8.0p1-3.el8.ppc64le.rpm
openssh-cavs-8.0p1-3.el8.ppc64le.rpm
openssh-cavs-debuginfo-8.0p1-3.el8.ppc64le.rpm
openssh-clients-8.0p1-3.el8.ppc64le.rpm
openssh-clients-debuginfo-8.0p1-3.el8.ppc64le.rpm
openssh-debuginfo-8.0p1-3.el8.ppc64le.rpm
openssh-debugsource-8.0p1-3.el8.ppc64le.rpm
openssh-keycat-8.0p1-3.el8.ppc64le.rpm
openssh-keycat-debuginfo-8.0p1-3.el8.ppc64le.rpm
openssh-ldap-8.0p1-3.el8.ppc64le.rpm
openssh-ldap-debuginfo-8.0p1-3.el8.ppc64le.rpm
openssh-server-8.0p1-3.el8.ppc64le.rpm
openssh-server-debuginfo-8.0p1-3.el8.ppc64le.rpm
pam_ssh_agent_auth-0.10.3-7.3.el8.ppc64le.rpm
pam_ssh_agent_auth-debuginfo-0.10.3-7.3.el8.ppc64le.rpm

s390x:
openssh-8.0p1-3.el8.s390x.rpm
openssh-askpass-debuginfo-8.0p1-3.el8.s390x.rpm
openssh-cavs-8.0p1-3.el8.s390x.rpm
openssh-cavs-debuginfo-8.0p1-3.el8.s390x.rpm
openssh-clients-8.0p1-3.el8.s390x.rpm
openssh-clients-debuginfo-8.0p1-3.el8.s390x.rpm
openssh-debuginfo-8.0p1-3.el8.s390x.rpm
openssh-debugsource-8.0p1-3.el8.s390x.rpm
openssh-keycat-8.0p1-3.el8.s390x.rpm
openssh-keycat-debuginfo-8.0p1-3.el8.s390x.rpm
openssh-ldap-8.0p1-3.el8.s390x.rpm
openssh-ldap-debuginfo-8.0p1-3.el8.s390x.rpm
openssh-server-8.0p1-3.el8.s390x.rpm
openssh-server-debuginfo-8.0p1-3.el8.s390x.rpm
pam_ssh_agent_auth-0.10.3-7.3.el8.s390x.rpm
pam_ssh_agent_auth-debuginfo-0.10.3-7.3.el8.s390x.rpm

x86_64:
openssh-8.0p1-3.el8.x86_64.rpm
openssh-askpass-debuginfo-8.0p1-3.el8.x86_64.rpm
openssh-cavs-8.0p1-3.el8.x86_64.rpm
openssh-cavs-debuginfo-8.0p1-3.el8.x86_64.rpm
openssh-clients-8.0p1-3.el8.x86_64.rpm
openssh-clients-debuginfo-8.0p1-3.el8.x86_64.rpm
openssh-debuginfo-8.0p1-3.el8.x86_64.rpm
openssh-debugsource-8.0p1-3.el8.x86_64.rpm
openssh-keycat-8.0p1-3.el8.x86_64.rpm
openssh-keycat-debuginfo-8.0p1-3.el8.x86_64.rpm
openssh-ldap-8.0p1-3.el8.x86_64.rpm
openssh-ldap-debuginfo-8.0p1-3.el8.x86_64.rpm
openssh-server-8.0p1-3.el8.x86_64.rpm
openssh-server-debuginfo-8.0p1-3.el8.x86_64.rpm
pam_ssh_agent_auth-0.10.3-7.3.el8.x86_64.rpm
pam_ssh_agent_auth-debuginfo-0.10.3-7.3.el8.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2018-20685
https://access.redhat.com/security/cve/CVE-2019-6109
https://access.redhat.com/security/cve/CVE-2019-6111
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/

8. Contact:

More contact details at https://access.redhat.com/security/team/contact/

Copyright 2019 Red Hat, Inc.

RHSA-announce mailing list

Critical Debian notice regarding OpenSSH tackles vulnerabilities and enhancements for commercial Linux distributions.

LinuxSecurity.com Team

Nov 05, 2019 | Red Hat

SUSE: 2019:14030-1 Moderate: OpenSSH File Overwrite Threat

SUSE Security Update: Security update for openssh
______________________________________________________________________________

Announcement ID:    SUSE-SU-2019:14030-1
Rating:             moderate
References:         #1090671 #1115550 #1119183 #1121816 #1121821 #1131709
Cross-References:   CVE-2019-6109 CVE-2019-6111
Affected Products:
                    SUSE Linux Enterprise Server 11-SP4-LTSS
                    SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________

An update that solves two vulnerabilities and has four fixes is now available.

Description:

This update for openssh fixes the following issues:

Security vulnerabilities addressed:

- CVE-2019-6109: Fixed a character encoding issue in the progress display
  of the scp client that could be used to manipulate client output,
  allowing for spoofing during file transfers (bsc#1121816).
- CVE-2019-6111: Properly validate object names received by the scp client
  to prevent arbitrary file overwrites when interacting with a malicious
  SSH server (bsc#1121821).

Other issues fixed:

- Fixed two race conditions in sshd relating to SIGHUP (bsc#1119183).
- Returned proper reason for port forwarding failures (bsc#1090671).
- Fixed SSHD termination of multichannel sessions with non-root users
  (bsc#1115550).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Server 11-SP4-LTSS:
    zypper in -t patch slessp4-openssh-14030=1
- SUSE Linux Enterprise Debuginfo 11-SP4:
    zypper in -t patch dbgsp4-openssh-14030=1

Package List:

- SUSE Linux Enterprise Server 11-SP4-LTSS (i586 ppc64 s390x x86_64):
    openssh-6.6p1-36.20.1
    openssh-askpass-gnome-6.6p1-36.20.1
    openssh-fips-6.6p1-36.20.1
    openssh-helpers-6.6p1-36.20.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ppc64 s390x x86_64):
    openssh-askpass-gnome-debuginfo-6.6p1-36.20.1
    openssh-debuginfo-6.6p1-36.20.1
    openssh-debugsource-6.6p1-36.20.1

References:

https://www.suse.com/security/cve/CVE-2019-6109.html
https://www.suse.com/security/cve/CVE-2019-6111.html
https://bugzilla.suse.com/1090671
https://bugzilla.suse.com/1115550
https://bugzilla.suse.com/1119183
https://bugzilla.suse.com/1121816
https://bugzilla.suse.com/1121821
https://bugzilla.suse.com/1131709

_______________________________________________
sle-security-updates mailing list
http://lists.suse.com/mailman/listinfo/sle-security-updates

SUSE publishes a security bulletin for openssh addressing significant vulnerabilities such as file overwrite risks and encoding concerns.

LinuxSecurity.com Team

Apr 25, 2019 | SuSE

Debian Wheezy: DSA-3190-1 Critical: Putty Memory Leak Exponential Issue

-------------------------------------------------------------------------
Debian Security Advisory DSA-3190-1                   http://www.debian.org/security/
Moritz Muehlenhoff                                             March 15, 2015
                                                http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : putty
CVE ID         : CVE-2015-2157

Patrick Coleman discovered that the Putty SSH client failed to wipe out
unused sensitive memory. In addition Florent Daigniere discovered that
exponential values in Diffie-Hellman exchanges were insufficiently
restricted.

For the stable distribution (wheezy), this problem has been fixed in
version 0.62-9+deb7u2.

For the upcoming stable distribution (jessie), this problem has been fixed
in version 0.63-10.

For the unstable distribution (sid), this problem has been fixed in
version 0.63-10.

We recommend that you upgrade your putty packages.

Further information about Debian Security Advisories, how to apply these
updates to your system and frequently asked questions can be found at:
https://www.debian.org/security/

A critical vulnerability within the Putty SSH client manifests as a memory leakage and inadequate access controls, prompting an immediate call for updates among the Debian user base.

Severity: Critical. LinuxSecurity.com Team

Mar 15, 2015 | Critical | Debian

Gentoo GLSA-201308-01 Normal: Putty Security Threats and Fixes

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201308-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: PuTTY: Multiple Vulnerabilities
      Date: August 21, 2013
      Bugs: #394429, #479872
        ID: 201308-01

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in PuTTY, allowing attackers to
compromise a user's system.

Background
==========

PuTTY is a telnet and SSH client.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  net-misc/putty              < 0.63                    >= 0.63

Description
===========

Multiple vulnerabilities have been discovered in PuTTY. Please review the
CVE identifiers referenced below for details.

Impact
======

An attacker could entice a user to open a connection to a specially
crafted SSH server, possibly resulting in execution of arbitrary code with
the privileges of the process or obtaining sensitive information.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All PuTTY users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=net-misc/putty-0.63"

References
==========

[ 1 ] CVE-2011-4607
      http://nvd.nist.gov/nvd.cvm?cvename=CVE-2011-4607
[ 2 ] CVE-2013-4852
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4852

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 https://security.gentoo.org/glsa/201308-01

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to the Gentoo
security team, or alternatively you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2013 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

To address vulnerabilities in PuTTY on Gentoo as per GLSA 201308-01, promptly update your software to the latest version to enhance system security.

LinuxSecurity.com Team

Aug 21, 2013 | Gentoo