Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 0 articles for you...
89
security advisoryFedoracritical fixFedora 37: FEDORA-2023-638681260a Critical: Kernel Update Issues
The 6.4.9 stable kernel update contains a number of important fixes across the tree.. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-638681260a 2023-08-10 00:42:13.645013 -------------------------------------------------------------------------------- Name : kernel Product : Fedora 37 Version : 6.4.9 Release : 100.fc37 URL : https://www.kernel.org/ Summary : The Linux kernel Description : The kernel meta package -------------------------------------------------------------------------------- Update Information: The 6.4.9 stable kernel update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog: * Tue Aug 8 2023 Justin M. Forbes [6.4.9-0] - Config updates for 6.4.9 (Justin M. Forbes) - Update BugsFixed for 6.4.9 (Justin M. Forbes) - Add some BugsFixed for the 6.4.9 update (Justin M. Forbes) - ACPI: resource: revert "Remove "Zen" specific match and quirks" (Hans de Goede) - arm: i.MX: Some minor NXP i.MX cleanups (Peter Robinson) - Linux v6.4.9 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2207625 - CVE-2023-20569 hw amd: Return Address Predictor velunerability leading to information disclosure https://bugzilla.redhat.com/show_bug.cgi?id=2207625 [ 2 ] Bug #2230156 - CVE-2023-34319 xen: buffer overrun in netback due to unusual packet (XSA-432) https://bugzilla.redhat.com/show_bug.cgi?id=2230156 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-638681260a' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. Moredetails on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Aug 10, 2023
•Critical
Fedora
89
security advisoryfedorakernel updateFedora 36: FEDORA-2022-b8b1e358e1 Critical Kernel Update
The 5.17.14 stable kernel update contains a number of important fixes across the tree.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-b8b1e358e1 2022-06-16 01:19:44.411407 --------------------------------------------------------------------------------Name : kernel Product : Fedora 36 Version : 5.17.14 Release : 300.fc36 URL : https://www.kernel.org/ Summary : The Linux kernel Description : The kernel meta package --------------------------------------------------------------------------------Update Information: The 5.17.14 stable kernel update contains a number of important fixes across the tree. --------------------------------------------------------------------------------ChangeLog: * Thu Jun 9 2022 Justin M. Forbes [5.17.14-0] - Config updates for stable backports (Justin M. Forbes) --------------------------------------------------------------------------------References: [ 1 ] Bug #2092542 - CVE-2022-1973 kernel: a double-free in ntfs3 log_replay may lead to a crash https://bugzilla.redhat.com/show_bug.cgi?id=2092542 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-b8b1e358e1' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Jun 15, 2022
•Critical
Fedora
202
security advisorysecurity fixcommand injectionopenSUSE: 2021:1274-1 Important: Command Injection Security Fix
An update that solves one vulnerability and has three fixes is now available. . openSUSE Security Update: Security update for fail2ban ______________________________________________________________________________ Announcement ID: openSUSE-SU-2021:1274-1 Rating: important References: #1145181 #1146856 #1180738 #1188610 Cross-References: CVE-2021-32749 CVSS scores: CVE-2021-32749 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.2 openSUSE Backports SLE-15-SP3 openSUSE Backports SLE-15-SP2 openSUSE Backports SLE-15-SP1 ______________________________________________________________________________ An update that solves one vulnerability and has three fixes is now available. Description: This update for fail2ban fixes the following issues: - CVE-2021-32749: prevent a command injection via mail command (boo#1188610) - Integrate change to resolve boo#1146856 and boo#1180738 Update to 0.11.2 - increased stability, filter and action updates New Features and Enhancements * fail2ban-regex: - speedup formatted output (bypass unneeded stats creation) - extended with prefregex statistic - more informative output for `datepattern` (e. g. set from filter) - pattern : description * parsing of action in jail-configs considers space between action-names as separator also (previously only new-line was allowed), for example `action = a b` would specify 2 actions `a` and `b` * new filter and jail for GitLab recognizing failed application logins (gh#fail2ban/fail2ban#2689) * new filter and jail for Grafana recognizing failed application logins (gh#fail2ban/fail2ban#2855) * new filter and jail for SoftEtherVPN recognizing failed application logins (gh#fail2ban/fail2ban#2723) * `filter.d/guacamole.conf` extended with `logging` parameter to follow webapp-logging if it's configured (gh#fail2ban/fail2ban#2631) * `filter.d/bitwarden.conf` enhanced to support syslog (gh#fail2ban/fail2ban#2778) * introduced new prefix `{UNB}` for `datepattern` to disable word boundaries in regex; * datetemplate: improved anchor detection for capturing groups `(^...)`; * datepattern: improved handling with wrong recognized timestamps (timezones, no datepattern, etc) as well as some warnings signaling user about invalid pattern or zone (gh#fail2ban/fail2ban#2814): - filter gets mode in-operation, which gets activated if filter starts processing of new messages; in this mode a timestamp read from log-line that appeared recently (not an old line), deviating too much from now (up too 24h), will be considered as now (assuming a timezone issue), so could avoid unexpected bypass of failure (previously exceeding `findtime`); - better interaction with non-matching optional datepattern or invalid timestamps; - implements special datepattern `{NONE}` - allow to find failures totally without date-time in log messages, whereas filter will use now as timestamp (gh#fail2ban/fail2ban#2802) * performance optimization of `datepattern` (better search algorithm in datedetector, especially for single template); * fail2ban-client: extended to unban IP range(s) by subnet (CIDR/mask) or hostname (DNS), gh#fail2ban/fail2ban#2791; * extended capturing of alternate tags in filter, allowing combine of multiple groups to single tuple token with new tag prefix `
Sep 16, 2021
•Important
OpenSUSE
100
security advisorycritical updateSUSE LinuxSUSE 11-SP4: 2021-14702-1 Critical: Xen Stack Overflow & Infinite Loop
An update that solves two vulnerabilities and has one errata is now available. . SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:14702-1 Rating: important References: #1182155 #1182846 #1182975 Cross-References: CVE-2021-20257 CVE-2021-3419 CVSS scores: CVE-2021-20257 (SUSE): 3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L CVE-2021-3419 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: SUSE Linux Enterprise Server 11-SP4-LTSS SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: This update for xen fixes the following issues: - CVE-2021-3419: Fixed a stack overflow induced by infinite recursion issue (bsc#1182975). - CVE-2021-20257: Fixed an infinite loop in the e1000 NIC emulator (bsc#1182846) - xenstored crashing with segfault (bsc#1182155). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4-LTSS: zypper in -t patch slessp4-xen-14702=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-xen-14702=1 Package List: - SUSE Linux Enterprise Server 11-SP4-LTSS (i586 x86_64): xen-kmp-default-4.4.4_48_3.0.101_108.123-61.64.1 xen-libs-4.4.4_48-61.64.1 xen-tools-domU-4.4.4_48-61.64.1 - SUSE Linux Enterprise Server 11-SP4-LTSS (x86_64): xen-4.4.4_48-61.64.1 xen-doc-html-4.4.4_48-61.64.1 xen-libs-32bit-4.4.4_48-61.64.1 xen-tools-4.4.4_48-61.64.1 - SUSE Linux Enterprise Server 11-SP4-LTSS(i586): xen-kmp-pae-4.4.4_48_3.0.101_108.123-61.64.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): xen-debuginfo-4.4.4_48-61.64.1 xen-debugsource-4.4.4_48-61.64.1 References: https://www.suse.com/security/cve/CVE-2021-20257.html https://www.suse.com/security/cve/CVE-2021-3419.html https://bugzilla.suse.com/1182155 https://bugzilla.suse.com/1182846 https://bugzilla.suse.com/1182975 . Important release from SUSE regarding xen resolves buffer overflow and endless loop vulnerabilities, improving the robustness and safety of the system.. SUSE Linux, Xen Fixes, Security Update, System Stability, Critical Updates. . Severity: Critical. LinuxSecurity.com Team
Apr 19, 2021
•Critical
SuSE
89
security advisorysecurity updateFedoraFedora 33: 2021-38bacf2af2 Important: libopenmpt Security Fixes
Some more bug-fixes for the stable 0.4.x branch. -- https://lib.openmpt.org/libopenmpt/2021/03/20/security-update-0.5.7-releases-0.4.19-0.3.28/. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-38bacf2af2 2021-04-10 23:05:43.632037 --------------------------------------------------------------------------------Name : libopenmpt Product : Fedora 33 Version : 0.4.19 Release : 1.fc33 URL : https://lib.openmpt.org/libopenmpt/ Summary : C/C++ library to decode tracker music module (MOD) files Description : libopenmpt is a cross-platform C++ and C library to decode tracked music files (modules) into a raw PCM audio stream. libopenmpt is based on the player code of the OpenMPT project (Open ModPlug Tracker). In order to avoid code base fragmentation, libopenmpt is developed in the same source code repository as OpenMPT. --------------------------------------------------------------------------------Update Information: Some more bug-fixes for the stable 0.4.x branch. --https://lib.openmpt.org/libopenmpt/2021/03/20/security-update-0.5.7-releases-0.4.19-0.3.28/ --------------------------------------------------------------------------------ChangeLog: * Fri Apr 2 2021 Michael Schwendt - 0.4.19-1 - update to 0.4.19 (security release for the 0.4 series) --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-38bacf2af2' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Apr 10, 2021
•Important
Fedora
89
security advisorykernel updateFedoraFedora 33 Kernel Update: FEDORA-2021-620fb40359 Important Fixes
The 5.10.7 stable kernel update contains a number of important fixes across the tree.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-620fb40359 2021-01-16 01:32:44.205237 --------------------------------------------------------------------------------Name : kernel-headers Product : Fedora 33 Version : 5.10.7 Release : 200.fc33 URL : https://www.kernel.org/ Summary : Header files for the Linux kernel for use by glibc Description : Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package. --------------------------------------------------------------------------------Update Information: The 5.10.7 stable kernel update contains a number of important fixes across the tree. --------------------------------------------------------------------------------ChangeLog: * Tue Jan 12 2021 Justin M. Forbes - 5.10.7-200 - Linux v5.10.7 --------------------------------------------------------------------------------References: [ 1 ] Bug #1899804 - CVE-2020-28374 kernel: SCSI target (LIO) write to any block on ILO backstore https://bugzilla.redhat.com/show_bug.cgi?id=1899804 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-620fb40359' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Jan 15, 2021
•Important
Fedora
89
security advisoryFedorasoftware upgradeFedora 24 Dolphin Emulator 5.0 Security Advisory: Bochs Improvements
Rebuild with new bochs version. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-3258a7e433 2017-06-16 13:14:50.415221 --------------------------------------------------------------------------------Name : dolphin-emu Product : Fedora 24 Version : 5.0 Release : 14.fc24 URL : https://dolphin-emu.org/ Summary : GameCube / Wii / Triforce Emulator Description : Dolphin is a Gamecube, Wii and Triforce (the arcade machine based on the Gamecube) emulator, which supports full HD video with several enhancements such as compatibility with all PC controllers, turbo speed, networked multiplayer, and more. Most games run perfectly or with minor bugs. --------------------------------------------------------------------------------Update Information: Rebuild with new bochs version --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade dolphin-emu' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Jun 16, 2017
•Important
Fedora
89
security advisoryfedorasoftware updateFedora 22: COPASI Security Update Moderate: Performance Improvement
- Hardened rebuild on Fedora
Nov 23, 2015
•Important
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!