Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -6 articles for you...
100
security advisorymoderatesecurity updateSUSE SLES12SP5: 2021:199-1 Moderate: Curl Stack Disclosure
The container suse/sles12sp5 was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/sles12sp5 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2021:199-1 Container Tags : suse/sles12sp5:6.5.182 , suse/sles12sp5:latest Container Release : 6.5.182 Severity : moderate Type : security References : 1186114 CVE-2021-22898 ----------------------------------------------------------------- The container suse/sles12sp5 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:1763-1 Released: Wed May 26 12:31:57 2021 Summary: Security update for curl Type: security Severity: moderate References: 1186114,CVE-2021-22898 This update for curl fixes the following issues: - CVE-2021-22898: Fixed curl TELNET stack contents disclosure (bsc#1186114). - Allow partial chain verification [jsc#SLE-17956] * Have intermediate certificates in the trust store be treated as trust-anchors, in the same way as self-signed root CA certificates are. This allows users to verify servers using the intermediate cert only, instead of needing the whole chain. * Set FLAG_TRUSTED_FIRST unconditionally. * Do not check partial chains with CRL check. . SUSE Container Security Announcement for suse/sles12sp5 addresses vulnerabilities in curl classified with moderate impact.. SUSE Security Update,curl CVE-2021-22898,container advisory,sles12sp5 update. . LinuxSecurity.com Team
May 27, 2021
SuSE
100
security advisorymoderatemoderate severitySUSE: 2022:240-1 High: OpenSSL Security Vulnerability Report
The container suse/sles12sp3 was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/sles12sp3 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2021:198-1 Container Tags : suse/sles12sp3:2.0.2 , suse/sles12sp3:24.259 , suse/sles12sp3:latest Container Release : 24.259 Severity : moderate Type : security References : 1186114 CVE-2021-22898 ----------------------------------------------------------------- The container suse/sles12sp3 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:1665-1 Released: Wed May 26 12:32:50 2021 Summary: Security update for curl Type: security Severity: moderate References: 1186114,CVE-2021-22898 This update for curl fixes the following issues: - CVE-2021-22898: Fixed curl TELNET stack contents disclosure (bsc#1186114). . SUSE Container Refresh: suse/sles12sp3 now features updates that incorporate fixes for curl, resolving the TELNET stack exposure vulnerability.. SUSE Container Update, Curl Security Fix, Stack Disclosure Patch. . LinuxSecurity.com Team
May 27, 2021
SuSE
203
security advisorysecurity issuemedium severityMageia 7: MGASA-2020-0134 Medium: Libgd Stack Disclosure
The updated packages fix a security vulnerability: When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to . MGASA-2020-0134 - Updated libgd packages fix security vulnerability Publication date: 08 Mar 2020 URL: https://advisories.mageia.org/MGASA-2020-0134.html Type: security Affected Mageia releases: 7 CVE: CVE-2019-11038 The updated packages fix a security vulnerability: When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code. (CVE-2019-11038) References: - https://bugs.mageia.org/show_bug.cgi?id=26306 - http://lists.suse.com/pipermail/sle-security-updates/2020-March/006579.html - https://www.cve.org/CVERecord?id=CVE-2019-11038 SRPMS: - 7/core/libgd-2.2.5-5.2.mga7 . Mageia has released an update for libgd to address a security vulnerability stemming from an uninitialized variable, which may result in potential data leakage.. libgd security update, Mageia security patch, GD Graphics Library issue. . Severity: Medium. LinuxSecurity.com Team
Mar 08, 2020
•Medium
Mageia
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!