Alerts This Week
Warning Icon 1 664
Alerts This Week
Warning Icon 1 664

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -7 articles for you...
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorymoderatedenial of service

openSUSE Leap 15.0: 2019:2234-1 Moderate: nghttp2 DoS Threats

An update that solves two vulnerabilities and has three fixes is now available.. openSUSE Security Update: Security update for nghttp2 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:2234-1 Rating: moderate References: #1112438 #1125689 #1134616 #1146182 #1146184 Cross-References: CVE-2019-9511 CVE-2019-9513 Affected Products: openSUSE Leap 15.0 ______________________________________________________________________________ An update that solves two vulnerabilities and has three fixes is now available. Description: This update for nghttp2 fixes the following issues: Security issues fixed: - CVE-2019-9513: Fixed HTTP/2 implementation that is vulnerable to resource loops, potentially leading to a denial of service (bsc#1146184). - CVE-2019-9511: Fixed HTTP/2 implementations that are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service (bsc#11461). Bug fixes and enhancements: - Fixed mistake in spec file (bsc#1125689) - Fixed build issue with boost 1.70.0 (bsc#1134616) - Feature: Add W&S module (FATE#326776, bsc#1112438) This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-2234=1 Package List: - openSUSE Leap 15.0 (i586 x86_64): libnghttp2-14-1.39.2-lp150.2.3.1 libnghttp2-14-debuginfo-1.39.2-lp150.2.3.1 libnghttp2-devel-1.39.2-lp150.2.3.1 libnghttp2_asio-devel-1.39.2-lp150.2.3.1 libnghttp2_asio1-1.39.2-lp150.2.3.1 libnghttp2_asio1-debuginfo-1.39.2-lp150.2.3.1 nghttp2-1.39.2-lp150.2.3.1 nghttp2-debuginfo-1.39.2-lp150.2.3.1 nghttp2-debugsource-1.39.2-lp150.2.3.1 nghttp2-python-debugsource-1.39.2-lp150.2.3.1 python3-nghttp2-1.39.2-lp150.2.3.1 python3-nghttp2-debuginfo-1.39.2-lp150.2.3.1 - openSUSE Leap 15.0 (x86_64): libnghttp2-14-32bit-1.39.2-lp150.2.3.1 libnghttp2-14-32bit-debuginfo-1.39.2-lp150.2.3.1 libnghttp2_asio1-32bit-1.39.2-lp150.2.3.1 libnghttp2_asio1-32bit-debuginfo-1.39.2-lp150.2.3.1 References: https://www.suse.com/security/cve/CVE-2019-9511.html https://www.suse.com/security/cve/CVE-2019-9513.html https://bugzilla.suse.com/1112438 https://bugzilla.suse.com/1125689 https://bugzilla.suse.com/1134616 https://bugzilla.suse.com/1146182 https://bugzilla.suse.com/1146184 -- . An important news release for Fedora tackling low-level security vulnerabilities in curl, improving system stability and efficiency.. nghttp2 Patch, openSUSE Update, Security Advisory, HTTP/2 Issues, DoS Prevention. . LinuxSecurity.com Team

Calendar 2 Oct 01, 2019 OpenSUSE
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisorydenial of serviceCPU consumption

Mageia 6, 7: MGASA-2019-0291 Critical: nghttp2 Denial of Service

The updated packages fix security vulnerabilities: Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified . MGASA-2019-0291 - Updated nghttp2 packages fix security vulnerabilities Publication date: 28 Sep 2019 URL: https://advisories.mageia.org/MGASA-2019-0291.html Type: security Affected Mageia releases: 6, 7 CVE: CVE-2019-9511, CVE-2019-9513 The updated packages fix security vulnerabilities: Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. (CVE-2019-9511) Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU. (CVE-2019-9513) References: - https://bugs.mageia.org/show_bug.cgi?id=25424 - https://access.redhat.com/errata/RHSA-2019:2692 - https://www.cve.org/CVERecord?id=CVE-2019-9511 - https://www.cve.org/CVERecord?id=CVE-2019-9513 SRPMS: - 7/core/nghttp2-1.38.0-1.1.mga7 - 6/core/nghttp2-1.9.2-1.1.mga6 . Mageia 2020-0454 implements changes to OpenSSL to address vulnerabilities associated with cryptographic functions and potential man-in-the-middle threats for secure communications.. nghttp2, Mageia, HTTP/2, denial of service, security risks. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 27, 2019 Critical Mageia
Banner 3 1028x280 1708121785 1771599793
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here