Alerts This Week
Warning Icon 1 560
Alerts This Week
Warning Icon 1 560

Stay Secure with the Latest Linux Advisories

Opensuse Large Esm H800
openSUSE

openSUSE Chromedriver Moderate Security Issues Fixed 2026-10958-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed libmozjs Moderate Update CVE-2025-70103

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Perl HTML Parser Moderate CVE-2026-8829 Advisory

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H800
openSUSE

openSUSE Tumbleweed kernel-devel Moderate Security Issue 2026-10954-1

Calendar White Jun 08, 2026
moderate
Opensuse Large Esm H900
openSUSE

openSUSE Tumbleweed Gleam Moderate Threat Fixed 2026-10953-1

Calendar White Jun 08, 2026
moderate
Ubuntu Large Esm H900
Ubuntu

Ubuntu 25.10 Systemd Critical Arbitrary Code Exec DNS Issues USN-8402-1

Calendar White Jun 08, 2026
Critical
Opensuse Large Esm H800
openSUSE

openSUSE Epiphany Important Password Handling Issue CVE-2023-26081

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS 8399-1 Pillow Denial of Service Risk CVE-2026-42308

Calendar White Jun 08, 2026
Important
Ubuntu Large Esm H900
Ubuntu

Ubuntu 26.04 LTS Poppler Critical DoS Code Execution Vuln USN-8400-1

Calendar White Jun 08, 2026
Critical
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorycode executiondebian

Debian 9: Critical Security Update DLA-2780-1 for Ruby 2.3 Released

Multiple vulnerabilites in ruby2.3, interpreter of object-oriented scripting language Ruby, were discovered. CVE-2021-31799 . - ---------------------------------------------------------------------- Debian LTS Advisory DLA-2780-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Utkarsh Gupta October 11, 2021 https://wiki.debian.org/LTS - ---------------------------------------------------------------------- Package : ruby2.3 Version : 2.3.3-1+deb9u10 CVE ID : CVE-2021-31799 CVE-2021-31810 CVE-2021-32066 Debian Bug : 990815 Multiple vulnerabilites in ruby2.3, interpreter of object-oriented scripting language Ruby, were discovered. CVE-2021-31799 In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 2.3.3, it is possible to execute arbitrary code via | and tags in a filename. CVE-2021-31810 An issue was discovered in Ruby through 2.3.3. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions). CVE-2021-32066 An issue was discovered in Ruby through 2.3.3. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack." For Debian 9 stretch, these problems have been fixed in version 2.3.3-1+deb9u10. We recommend that you upgrade your ruby2.3 packages. For the detailed security status of ruby2.3 please refer to its security tracker page at: Further information about Debian LTS security advisories, how to apply these updates to your system and frequentlyasked questions can be found at: https://wiki.debian.org/LTS . Uncover essential vulnerabilities in ruby2.3 and the corresponding solutions in the Debian LTS alert DLA-2780-1. Ensure your security!. Debian Security,ruby2.3 update,security threats. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Oct 13, 2021 Critical Debian LTS
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedoracritical

Fedora 34: 2021-36cdab1f8d Critical: Ruby Command Injection and FTP Issues

Security fix for CVE-2020-36327 CVE-2021-31799 CVE-2021-31810 CVE-2021-32066. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-36cdab1f8d 2021-07-29 01:06:35.173516 --------------------------------------------------------------------------------Name : ruby Product : Fedora 34 Version : 3.0.2 Release : 149.fc34 URL : https://www.ruby-lang.org/ Summary : An interpreter of object-oriented scripting language Description : Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. --------------------------------------------------------------------------------Update Information: Security fix for CVE-2020-36327 CVE-2021-31799 CVE-2021-31810 CVE-2021-32066 --------------------------------------------------------------------------------ChangeLog: * Tue Jul 13 2021 Jarek Prokop - 3.0.2-149 - Upgrade to Ruby 3.0.2. - Fix command injection vulnerability in RDoc. Resolves: CVE-2021-31799 - Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host. Resolves: CVE-2021-31810 - Fix StartTLS stripping vulnerability in Net::IMAP. Resolves: CVE-2021-32066 - Fix dependencies of gems with explicit source installed from a different source. Resolves: CVE-2020-36327 --------------------------------------------------------------------------------References: [ 1 ] Bug #1958999 - CVE-2020-36327 rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source https://bugzilla.redhat.com/show_bug.cgi?id=1958999 [ 2 ] Bug #1980126 - CVE-2021-31810 ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host https://bugzilla.redhat.com/show_bug.cgi?id=1980126 [ 3 ] Bug #1980128 - CVE-2021-32066 ruby: StartTLS strippingvulnerability in Net::IMAP https://bugzilla.redhat.com/show_bug.cgi?id=1980128 [ 4 ] Bug #1980132 - CVE-2021-31799 rubygem-rdoc: Command injection vulnerability in RDoc https://bugzilla.redhat.com/show_bug.cgi?id=1980132 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-36cdab1f8d' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Resolves urgent vulnerabilities within Ruby on Fedora 34, tackling risks related to command exploitation and FTP link weaknesses.. Fedora Ruby Update, Command Injection Fix, FTP Vulnerability, Security Advisory. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jul 28, 2021 Critical Fedora
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":548,"type":"x","order":1,"pct":78.51,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.87,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.32,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here