Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -4 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorySuSEimportant

SUSE: java-21-openjdk Important Certificate Handling Fix 2025:21162-1

* bsc#1246806 * bsc#1252414 * bsc#1252417 * bsc#1252418 . # Security update for java-21-openjdk Announcement ID: SUSE-SU-2025:21162-1 Release Date: 2025-11-28T09:35:08Z Rating: important References: * bsc#1246806 * bsc#1252414 * bsc#1252417 * bsc#1252418 Cross-References: * CVE-2025-53057 * CVE-2025-53066 * CVE-2025-61748 CVSS scores: * CVE-2025-53057 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-53057 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-53057 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2025-53066 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-53066 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-53066 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-61748 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-61748 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2025-61748 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * SUSE Linux Enterprise Server 16.0 * SUSE Linux Enterprise Server for SAP Applications 16.0 An update that solves three vulnerabilities and has one fix can now be installed. ## Description: This update for java-21-openjdk fixes the following issues: Update to upstream tag jdk-21.0.9+10 (October 2025 CPU): * CVE-2025-53066: Fixed enhance path factories (bsc#1252417). * CVE-2025-61748: Fixed enhance string handling (bsc#1252418). * CVE-2025-53057: Fixed enhance certificate handling (bsc#1252414). Other bug fixes: * Do not embed rebuild counter (bsc#1246806) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 16.0 zypper in -t patchSUSE-SLES-16.0-82=1 * SUSE Linux Enterprise Server for SAP Applications 16.0 zypper in -t patch SUSE-SLES-16.0-82=1 ## Package List: * SUSE Linux Enterprise Server 16.0 (aarch64 ppc64le s390x x86_64) * java-21-openjdk-21.0.9.0-160000.1.1 * java-21-openjdk-src-21.0.9.0-160000.1.1 * java-21-openjdk-devel-21.0.9.0-160000.1.1 * java-21-openjdk-devel-debuginfo-21.0.9.0-160000.1.1 * java-21-openjdk-debuginfo-21.0.9.0-160000.1.1 * java-21-openjdk-demo-21.0.9.0-160000.1.1 * java-21-openjdk-headless-debuginfo-21.0.9.0-160000.1.1 * java-21-openjdk-headless-21.0.9.0-160000.1.1 * java-21-openjdk-jmods-21.0.9.0-160000.1.1 * SUSE Linux Enterprise Server 16.0 (noarch) * java-21-openjdk-javadoc-21.0.9.0-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (ppc64le x86_64) * java-21-openjdk-21.0.9.0-160000.1.1 * java-21-openjdk-src-21.0.9.0-160000.1.1 * java-21-openjdk-devel-21.0.9.0-160000.1.1 * java-21-openjdk-devel-debuginfo-21.0.9.0-160000.1.1 * java-21-openjdk-debuginfo-21.0.9.0-160000.1.1 * java-21-openjdk-demo-21.0.9.0-160000.1.1 * java-21-openjdk-headless-debuginfo-21.0.9.0-160000.1.1 * java-21-openjdk-headless-21.0.9.0-160000.1.1 * java-21-openjdk-jmods-21.0.9.0-160000.1.1 * SUSE Linux Enterprise Server for SAP Applications 16.0 (noarch) * java-21-openjdk-javadoc-21.0.9.0-160000.1.1 ## References: * https://www.suse.com/security/cve/CVE-2025-53057.html * https://www.suse.com/security/cve/CVE-2025-53066.html * https://www.suse.com/security/cve/CVE-2025-61748.html * https://bugzilla.suse.com/show_bug.cgi?id=1246806 * https://bugzilla.suse.com/show_bug.cgi?id=1252414 * https://bugzilla.suse.com/show_bug.cgi?id=1252417 * https://bugzilla.suse.com/show_bug.cgi?id=1252418 . SUSE security update for java-21-openjdk addresses multiple issues with important severity and patch instructions.. SUSE Security Update, Java 21 OpenJDK, Important Security Fix, Cybersecurity Linux. . Severity: Important.LinuxSecurity.com Team

Calendar 2 Dec 10, 2025 Important SuSE
172
Ls Advisories Ubuntu Esm H240
Price Tag 1security advisorycode executionremote attack

Ubuntu Security Notice USN-887-1: Code Execution Risk in libthai

Tim Starling discovered that LibThai did not correctly handle long strings. A remote attacker could use specially-formed strings to execute arbitrary code with the user's privileges.. Previous advisory was sent out with the wrong USN number. Here is the corrected version. ==========================================================Ubuntu Security Notice USN-887-1 January 18, 2010 libthai vulnerability CVE-2009-4012 ========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04 Ubuntu 9.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: libthai0 0.1.9-1ubuntu0.2 Ubuntu 8.10: libthai0 0.1.9-4ubuntu0.8.10.2 Ubuntu 9.04: libthai0 0.1.9-4ubuntu0.9.04.2 Ubuntu 9.10: libthai0 0.1.12-1ubuntu0.2 In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Tim Starling discovered that LibThai did not correctly handle long strings. A remote attacker could use specially-formed strings to execute arbitrary code with the user's privileges. Updated packages for Ubuntu 8.04 LTS: Source archives: Size/MD5: 6466 72bf0da23ed8a2f39189713dedbb965e Size/MD5: 993 1b50bb00875aefa37e771fbb603789bf Size/MD5: 491038 7002d111b293f202d20b28aa2b4ed68f Architecture independent packages: Size/MD5: 163912 acc8b2d4149acb7fdd6b0376ba038f15 Size/MD5: 54766 60214363e101bdc494368f0779c1aa0d amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 70452 4e6e3e3980100f824a8f66212f186bb4 Size/MD5: 33890 72c71da6bf9b028f917ec9765fb247ea i386 architecture (x86 compatible Intel/AMD): Size/MD5: 70156 e5a9c659a114f85634adf3c589ea1453 Size/MD5: 32774 2b5f8cbabe865478ac8d35c1476a78d6 lpia architecture (Low Power Intel Architecture): Size/MD5: 69290 2d0cc19d49d5f91219b0e9b231ff518c Size/MD5: 32572 34f6475a43166ea01d8f2851c09aee9d powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 70758 2e481ac1ceae95ffc2be55bcee76e2ed Size/MD5: 34166 b9ce41ff78ce6f708674859b278b3dc8 sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 69752 070148bd718a1bb762871cde174bddc8 Size/MD5: 32482 fad061e2d6e01d98ab4403eabbd6b4fe Updated packages for Ubuntu 8.10: Source archives: Size/MD5: 7678 2d5d5cc3c4ca03d55d262ec8af15d8ee Size/MD5: 1496 fae0a4b9061f1f679092b4a404345a39 Size/MD5: 491038 7002d111b293f202d20b28aa2b4ed68f Architecture independent packages: Size/MD5: 162144 0bb8f60e2839cceadc3ebea007e9f784 Size/MD5: 56976 66aa32016d03a69ec1bf263a40acbbc7 amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 52186 a8a1c19db11a11cc177901a7394833dd Size/MD5: 33158 95ef669908130c31e56a9bf868da33e8 i386 architecture (x86 compatible Intel/AMD): Size/MD5: 51690 0f1178f6f6c7f5ce77d689730375d0b6 Size/MD5: 31976 0930ac31fc148c2352e8c388d703ae57 lpia architecture (Low Power Intel Architecture): Size/MD5: 50880 c672333fcdc6507f8900a35db87085c3 Size/MD5: 31798 6a0625ece56a49b51cf76212b6cfde79 powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 52276 a589a899ba44011b4a5e9da13dd16c01 Size/MD5: 33178 aad35bfd80d9140fa6f1eec5e023c5cc sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 51118 b31a7dcc0b7bfc1e31a4e1d225075154 Size/MD5: 31662 9ba04f9331592c2eaffd0cc8537c979f Updated packages for Ubuntu 9.04: Sourcearchives: Size/MD5: 7681 78df620549a4369821a06526e77eea3d Size/MD5: 1496 5d57d234fc11cf4df09773a23e674068 Size/MD5: 491038 7002d111b293f202d20b28aa2b4ed68f Architecture independent packages: Size/MD5: 162132 fe80b6c0e4fe83cea3d86c0bb2ea64be Size/MD5: 57040 41394d51d9eeb4212a187b92db230647 amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 52170 a5615a6428f8302bdb9b94e54c1c66da Size/MD5: 33142 c0c19f872d39511428b8f7f41eb737bb i386 architecture (x86 compatible Intel/AMD): Size/MD5: 51732 c41b1400801c0615eac9ec89952ee969 Size/MD5: 32000 900055d2058386767ffee8adfd62e41f lpia architecture (Low Power Intel Architecture): Size/MD5: 50910 e3f85c2620b6ff46a51af55d13486029 Size/MD5: 31814 806aa31a935ccd494dcf7fd1136b4c39 powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 52288 ab07a5332e338c9c97327815dedcc04e Size/MD5: 33180 8f67ca7349ea484dfce710affb1dd3bf sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 51134 d0e593b775f9403c4d1ef4d226725f8f Size/MD5: 31632 48060eb78a8c6d979c2a8e96eedca519 Updated packages for Ubuntu 9.10: Source archives: Size/MD5: 8487 442572cdbc102b6a44da41bb9f7660c8 Size/MD5: 1447 85725672b69124bc28aff42834adf3b9 Size/MD5: 491699 e206313d5a60ce98bc3be83d60373554 Architecture independent packages: Size/MD5: 194398 17df9ac8ba8448d0876677dd30965eec Size/MD5: 62208 ce3f3ab866cdbaa7bb1cd5a3a3dd2a59 amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 58170 df29ea97a370327b6c3a750344d17936 Size/MD5: 39996 65a9016641f8b2ad898eca9325a36113 i386 architecture (x86 compatible Intel/AMD): Size/MD5: 57656 05556be2ba038e9544065f26e9cebb3a Size/MD5: 38878277f05648d5210c023fc7f4a33e6f542 lpia architecture (Low Power Intel Architecture): Size/MD5: 56882 ad9fe5c494ebed68d508523869ba19fa Size/MD5: 38610 1a82eb496e18c8b4a2d1f71bbbc560c9 powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 58012 60003f8d9faeb146960c6dbefbaa5dc7 Size/MD5: 39584 952c286bc421b4f2243d8c1d2f9b4be8 sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 56802 becba71ae0770c7a40865b7a641bdf3f Size/MD5: 38190 cd4dde8ea072d746724ca1150a0eb418 . The updated notice regarding LibThai's string manipulation flaw impacting Ubuntu systems. Urgent updates advised.. LibThai Security, Ubuntu Update, Remote Code Execution. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jan 18, 2010 Important Ubuntu
Banner 1 1028x280 1708121660 1771599717
87
Ls Advisories Debian Esm H240
Price Tag 1security advisoryremote exploitcritical risk

Debian 3.0 DSA 324-1 Critical Ethereal Memory Overflow Risk

Several of the packet dissectors in ethereal contain string handlingbugs which could be exploited using a maliciously crafted packet tocause ethereal to consume excessive amounts of memory, crash, orexecute arbitrary code.. -------------------------------------------------------------------------- Debian Security Advisory DSA 324-1 This email address is being protected from spambots. You need JavaScript enabled to view it. Debian -- Security Information Matt Zimmerman June 18th, 2003 Debian -- Debian security FAQ -------------------------------------------------------------------------- Package : ethereal Vulnerability : several Problem-Type : remote Debian-specific: no CVE Ids : CAN-2003-0428 CAN-2003-0429 CAN-2003-0431 CAN-2003-0432 Several of the packet dissectors in ethereal contain string handling bugs which could be exploited using a maliciously crafted packet to cause ethereal to consume excessive amounts of memory, crash, or execute arbitrary code. These vulnerabilites were announced in the following Ethereal security advisory: Ethereal 0.9.4 in Debian 3.0 (woody) is affected by most of the problems described in the advisory, including: * The DCERPC dissector could try to allocate too much memory while trying to decode an NDR string. * Bad IPv4 or IPv6 prefix lengths could cause an overflow in the OSI dissector. * The tvb_get_nstringz0() routine incorrectly handled a zero-length buffer size. * The BGP, WTP, DNS, 802.11, ISAKMP, WSP, CLNP, and ISIS dissectors handled strings improperly. The following problems do NOT affect this version: * The SPNEGO dissector could segfault while parsing an invalid ASN.1 value. * The RMI dissector handled strings improperly as these modules are not present. For the stable distribution (woody) these problems have been fixed in version 0.9.4-1woody5. The old stable distribution (potato) these problems will be fixed in a future advisory. For the unstable distribution (sid)these problems are fixed in version 0.9.13-1. We recommend that you update your ethereal package. Upgrade Instructions -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 3.0 alias woody -------------------------------- Source archives: Size/MD5 checksum: 679 fb98a4629ed5c2a09188264978e235cb Size/MD5 checksum: 36263 4db84b40ff262dc4fa536bcbb215eb2b Size/MD5 checksum: 3278908 42e999daa659820ee93aaaa39ea1e9ea Alpha architecture: Size/MD5 checksum: 1938816 8e4a1ce81eb9f19d45c01e590d9a377e Size/MD5 checksum: 334136 08bf42a6d7dbb50692d708d7a9197d87 Size/MD5 checksum: 221920 ee4403d6c0b7c07c83eec534988a84ee Size/MD5 checksum: 1705816 7ee849802d94d148a14119f76992b2f0 ARM architecture: Size/MD5 checksum: 1633896 0abfa9d3c0eb5db8321a6762ab9dfa7b Size/MD5 checksum: 297150 bfbad9f07fab5ab34a6eab1ef8e5953d Size/MD5 checksum: 205828 ea7d760224ab01952527eacbc4587d20 Size/MD5 checksum: 1438470 4f1f6d0135cbfc0044c688c39a956bea Intel IA-32 architecture: Size/MD5 checksum: 1511912 5c1107c1016a8025e5b1d56eeccf84df Size/MD5 checksum: 286266 9c979f57424b5d55c5de6621098e96d2 Size/MD5 checksum: 198218 c49c94d9dc7312668c9b48a550df6a1c Size/MD5 checksum: 1324568 9aeb2ffbc5277b3196b83e6d38b53621 Intel IA-64 architecture: Size/MD5 checksum: 2149036 c68b86189746723e62bf08368bce227b Size/MD5 checksum: 372962 9247b82b07d2eb11446fdce5f88983dc Size/MD5 checksum: 233512 c030461e088a87758a4ba9935f0733e1 Size/MD5 checksum: 1859410 ab7f2190f094c3b8e67d56ff49045b9a HP Precision architecture: Size/MD5 checksum: 1802910 eb690bcb02ebf1c750205177cb248f72 Size/MD5 checksum: 322214 5ee2178f9c733121c7a1f0d524627880 Size/MD5 checksum: 216700 fa66e8a08983e09421560bd10f3c3965 Size/MD5 checksum: 1574692 b336a02e18c9f495960a9d0dec3d8e45 Motorola 680x0 architecture: Size/MD5 checksum: 1423170 d59023d4c5cdf8dde7d3bfe8cc33d587 Size/MD5 checksum: 282466 6c85c7db7c36488746ef3f1e4a18d186 Size/MD5 checksum: 194916 d33873842e7080c48de9e9c337c76c79 Size/MD5 checksum: 1247402 58295f85485a65b3f65e2f4af5ef5961 Big endian MIPS architecture: Size/MD5 checksum: 1616264 7d0870d9b8b38f03a0a380996dfa33f9 Size/MD5 checksum: 305088 295015eb873bfb754e75c1396e752243 Size/MD5 checksum: 213484 8d0afae76790f5fdbebfd785bd3e0eb5 Size/MD5 checksum: 1421086 ecfbd6ffa565b529da0e654f344a1d55 Little endian MIPS architecture: Size/MD5 checksum: 1596546 b84b95c09877df3556a688045c99c260 Size/MD5 checksum: 304588 762bfcd3d71a6baec47e2e1faec0ef4c Size/MD5 checksum: 213108 666e6babaccfceda951053a9e03d5e77 Size/MD5 checksum: 1405282 93b65858bfce3a879a05de921f2b0adc PowerPC architecture: Size/MD5 checksum: 1616884 20f757b5b8bbdd9c604741f0a4e6f844 Size/MD5 checksum: 301724 96ce6842b578c13330879589a1692d47 Size/MD5 checksum: 208664 de9e536ef2560206395d9ede28c4aeef Size/MD5 checksum: 1418060 f28e69f82efff9434c37ac70f9f6af86 IBM S/390 architecture: Size/MD5 checksum: 1573598 a93240eca8bb226a0ad8bcabc6a6c5a3 Size/MD5 checksum: 300554 a239b466decac0566be563242665d1aa Size/MD5 checksum: 203712 94f12ad0a3961df640587313f2b20b6a Size/MD5 checksum: 13860686401707646ae88c8220e5c6143a9c40b Sun Sparc architecture: Size/MD5 checksum: 1581564 c60e1b864726561eea77d65c6c3d4da3 Size/MD5 checksum: 317866 16956acf9b44bf36174733cd620348d3 Size/MD5 checksum: 204488 a5bccb53d6e679c552cb0093936c0e69 Size/MD5 checksum: 1388806 429a6f0c8c4ff5443dbabd94610998aa These files will probably be moved into the stable distribution on its next revision. --------------------------------------------------------------------------------- For apt-get: deb Debian -- Security Information stable/updates main For dpkg-ftp: dists/stable/updates/main Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it. Package info: `apt-cache show ' and https://www.debian.org/distrib/packages . Update to fix weaknesses in Ethereal's security on Debian reveals possible remote exploit threats associated with string handling errors.. Ethereal Security, Debian Update, Remote Exploit, Memory Overflow, Packet Handling. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jun 18, 2003 Critical Debian
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryRed Hatcritical

Red Hat Linux 7 xinetd Vulnerability in Buffer Processing RHSA-2001:092-03

A boundary checking case in xinetd's string handling was fixed in the 2.3.0release of xinetd.. ` --------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: Updated xinetd package available for Red Hat Linux 7 and 7.1 Advisory ID: RHSA-2001:092-02 Issue date: 2001-07-03 Updated on: 2001-07-06 Product: Red Hat Linux Keywords: xinetd umask 2.4 kernel identd Cross references: Obsoletes: RHSA-2001:075 --------------------------------------------------------------------- 1. Topic: A vulnerability has been found in xinetd's string handling. 2. Relevant releases/architectures: Red Hat Linux 7.0 - alpha, i386 Red Hat Linux 7.1 - alpha, i386 3. Problem description: A boundary checking case in xinetd's string handling was fixed in the 2.3.0 release of xinetd. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed ( for more info): 6. RPMs required: Red Hat Linux 7.0: SRPMS: alpha: i386: Red Hat Linux 7.1: SRPMS: alpha: i386: 7. Verification: MD5 sum PackageName -------------------------------------------------------------------------- cf2d969d79d7061ef0cf539f9a846de6 7.0/en/os/SRPMS/xinetd-2.3.0-1.71.src.rpm bf759f5eebb7aa1ff571ef1867c65f70 7.0/en/os/alpha/xinetd-2.3.0-1.71.alpha.rpm af532d612480937736f76b6fbeb8218d 7.0/en/os/i386/xinetd-2.3.0-1.71.i386.rpm cf2d969d79d7061ef0cf539f9a846de6 7.1/en/os/SRPMS/xinetd-2.3.0-1.71.src.rpm bf759f5eebb7aa1ff571ef1867c65f70 7.1/en/os/alpha/xinetd-2.3.0-1.71.alpha.rpm af532d612480937736f76b6fbeb8218d 7.1/en/os/i386/xinetd-2.3.0-1.71.i386.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: You can verify each package with the following command: rpm --checksig If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg 8. References: Copyright(c) 2000, 2001 Red Hat, Inc. `. Overhauled xinetd application addresses critical buffer overflow threats for CentOS clientele. Essential for securing your infrastructure!. Red Hat Security Advisory, xinetd update, string handling flaw. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jul 13, 2001 Critical Red Hat
Banner 1 1028x280 1708121660 1771599717
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisoryred hatcritical

Red Hat 7: RHSA-2001:092-02 xinetd Important Buffer Overflow Threat

A boundary checking case in xinetd's string handling was fixed in the 2.3.0 release of xinetd.. ` --------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: Updated xinetd package available for Red Hat Linux 7 and 7.1 Advisory ID: RHSA-2001:092-02 Issue date: 2001-07-03 Updated on: 2001-07-06 Product: Red Hat Linux Keywords: xinetd umask 2.4 kernel identd Cross references: Obsoletes: RHSA-2001:075 --------------------------------------------------------------------- 1. Topic: A vulnerability has been found in xinetd's string handling. 2. Relevant releases/architectures: Red Hat Linux 7.0 - alpha, i386 Red Hat Linux 7.1 - alpha, i386 3. Problem description: A boundary checking case in xinetd's string handling was fixed in the 2.3.0 release of xinetd. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed ( for more info): 6. RPMs required: Red Hat Linux 7.0: SRPMS: alpha: i386: Red Hat Linux 7.1: SRPMS: alpha: i386: 7. Verification: MD5 sum PackageName -------------------------------------------------------------------------- cf2d969d79d7061ef0cf539f9a846de6 7.0/en/os/SRPMS/xinetd-2.3.0-1.71.src.rpm bf759f5eebb7aa1ff571ef1867c65f70 7.0/en/os/alpha/xinetd-2.3.0-1.71.alpha.rpm af532d612480937736f76b6fbeb8218d 7.0/en/os/i386/xinetd-2.3.0-1.71.i386.rpm cf2d969d79d7061ef0cf539f9a846de6 7.1/en/os/SRPMS/xinetd-2.3.0-1.71.src.rpm bf759f5eebb7aa1ff571ef1867c65f70 7.1/en/os/alpha/xinetd-2.3.0-1.71.alpha.rpm af532d612480937736f76b6fbeb8218d 7.1/en/os/i386/xinetd-2.3.0-1.71.i386.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: You can verify each package with the following command: rpm --checksig If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg 8. References: Copyright(c) 2000, 2001 Red Hat, Inc. `. A recent patch for the sshd service addresses a critical memory leak issue in Fedora OS, enhancing the overall integrity of the system's security framework.. Red Hat Linux,xinetd Patch,System Security Improvement. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jul 07, 2001 Important Red Hat
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here