Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian LTS openssl Important Use-After-Free NULL Pointer Issues DLA-4624-1

Calendar White Jun 09, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 20.04 alsa-lib Important Denial of Service Fix USN-8044-2

Calendar White Jun 09, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS node-shell-quote Important Denial of Service CVE-2026-9277

Calendar White Jun 09, 2026
Important
Mageia Large Esm H800
Mageia

Mageia 9 Suricata Critical Performance Security Issues MGASA-2026-0181

Calendar White Jun 09, 2026
Critical
Mageia Large Esm H900
Mageia

Mageia 9 PackageKit Important TOCTOU Race Escalation CVE-2026-41651

Calendar White Jun 09, 2026
Important
Mageia Large Esm H900
Mageia

Mageia 9 Unbound Critical Remote Code Execution Advisory 2026-0034

Calendar White Jun 09, 2026
Critical
Ubuntu Large Esm H800
Ubuntu

Ubuntu 26.04 LTS Netatalk Multiple Security Issues USN-8395-1

Calendar White Jun 09, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 43 mingw-objfw 1.5.5 Update Security Fix FEDORA-2026-de23fedf3e

Calendar White Jun 08, 2026
Fedora Large Esm H900
Fedora

Fedora 43 objfw Important Update 1.5.5 Bug Fixes June 2026

Calendar White Jun 08, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -5 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorymoderatesecurity update

Fedora 28: 2018-49ab80333f Moderate: Star Binary Hardening

harden the binaries (rhbz#1548670). --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2018-49ab80333f 2018-04-15 02:32:41.336876 --------------------------------------------------------------------------------Name : star Product : Fedora 28 Version : 1.5.3 Release : 12.fc28 URL : Summary : An archiving tool with ACL support Description : Star saves many files together into a single tape or disk archive, and can restore individual files from the archive. Star supports ACL. --------------------------------------------------------------------------------Update Information: harden the binaries (rhbz#1548670) --------------------------------------------------------------------------------References: [ 1 ] Bug #1548670 - star: Partial build flags injection https://bugzilla.redhat.com/show_bug.cgi?id=1548670 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade star' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . The latest security enhancement for Fedora 28 strengthens binary protection. Please consult the advisory for detailed installation guidance.. Fedora 28, Star Security Update, Binary Hardening, Software Patch. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 15, 2018 Important Fedora
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisorygentoodirectory traversal

Gentoo: GLSA-200710-23 Low: Star Directory Traversal Threat

A directory traversal vulnerability has been discovered in Star.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200710-23 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Low Title: Star: Directory traversal vulnerability Date: October 22, 2007 Bugs: #189690 ID: 200710-23 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= A directory traversal vulnerability has been discovered in Star. Background ========= The Star program provides the ability to create and extract tar archives. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-arch/star < 1.5_alpha84 > = 1.5_alpha84 Description ========== Robert Buchholz of the Gentoo Security team discovered a directory traversal vulnerability in the has_dotdot() function which does not identify //.. (slash slash dot dot) sequences in file names inside tar files. Impact ===== By enticing a user to extract a specially crafted tar archive, a remote attacker could extract files to arbitrary locations outside of the specified directory with the permissions of the user running Star. Workaround ========= There is no known workaround at this time. Resolution ========= All Star users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =app-arch/star-1.5_alpha84" References ========= [ 1 ] CVE-2007-4134 https://www.cve.org/CVERecord?id=CVE-2007-4134 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo SecurityWebsite: https://security.gentoo.org/glsa/200710-23 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org/. License ====== Copyright 2007 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5/ . The Star software on Gentoo contains a minor directory traversal vulnerability. Update it to mitigate risks of unauthorized file exposure.. Gentoo Linux, Star Application, Directory Traversal, Security Advisory, Application Security. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Oct 22, 2007 Low Gentoo
Banner 4 1028x280 1708121825 1771600306
200
Ls Advisories Scientific Esm H240
Price Tag 1security advisorymoderatesecurity update

Scientific Linux: CVE-2007-4134 Moderate: Star Path Traversal Threat

Moderate: star security update. Date: Wed, 5 Sep 2007 09:00:23 -0500 Reply-To: Troy Dawson Sender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA for star on SL5.x, SL4.x, SL3,x i386/x86_64 Comments: To: This email address is being protected from spambots. You need JavaScript enabled to view it. Synopsis: Moderate: star security update Issue date: 2007-09-04 CVE Names: CVE-2007-4134 A path traversal flaw was discovered in the way star extracted archives. A malicious user could create a tar archive that would cause star to write to arbitrary files to which the user running star had write access. (CVE-2007-4134) As well, this update adds the command line argument "-.." to the Red Hat Enterprise Linux 3 version of star. This allows star to extract files containing "/../" in their pathname. SL 3.0.x SRPMS: star-1.5a08-5.src.rpm i386: star-1.5a08-5.i386.rpm x86_64: star-1.5a08-5.x86_64.rpm SL 4.x SRPMS: star-1.5a25-8.src.rpm i386: star-1.5a25-8.i386.rpm x86_64: star-1.5a25-8.x86_64.rpm SL 5.x SRPMS: star-1.5a75-2.src.rpm i386: star-1.5a75-2.i386.rpm x86_64: star-1.5a75-2.x86_64.rpm -Connie Sieh -Troy Dawson . Timely security patch for Scientific Linux tackling data retrieval vulnerability. Crucial remedy for directory traversal threat.. Scientific Linux, star security update, path traversal fix, archive extraction issue. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Sep 05, 2007 Important Scientific Linux
91
Ls Advisories Gentoo Esm H240
Price Tag 1security advisoryhigh severitysecurity issue

Gentoo: GLSA-200409-12 Critical Risk: Star SUID Root Vulnerability Exploit

star contains a suid root vulnerability which could potentially grant unauthorized root access to an attacker.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200409-11 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: star: Suid root vulnerability Date: September 07, 2004 Bugs: #61797 ID: 200409-11 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= star contains a suid root vulnerability which could potentially grant unauthorized root access to an attacker. Background ========= star is an enhanced tape archiver, much like tar, that is recognized for it's speed as well as it's enhanced mt/rmt support. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-arch/star < star-1.5_alpha46 > = star-1.5_alpha46 Description ========== A suid root vulnerability exists in versions of star that are configured to use ssh for remote tape access. Impact ===== Attackers with local user level access could potentially gain root level access. Workaround ========= There is no known workaround at this time. Resolution ========= All star users should upgrade to the latest version: # emerge sync # emerge -pv "> =app-arch/star-1.5_alpha46" # emerge "> =app-arch/star-1.5_alpha46" References ========= [ 1 ] Star Mailing List Announcement Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/200409-11 Concerns? ======== Security is a primary focus of GentooLinux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to This email address is being protected from spambots. You need JavaScript enabled to view it. or alternatively, you may file a bug at https://bugs.gentoo.org/. License ====== Copyright 2004 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/1.0/ . A critical vulnerability in Star on Gentoo can lead to unauthorized root access via a suid root flaw. Immediate upgrade recommended!. Gentoo Security, Star SUID Problem, Root Access Risk. . LinuxSecurity.com Team

Calendar 2 Sep 07, 2004 Gentoo
Banner 4 1028x280 1708121825 1771600306
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":549,"type":"x","order":1,"pct":78.54,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.29,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.86,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.3,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here