Alerts This Week
Warning Icon 1 659
Alerts This Week
Warning Icon 1 659

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -6 articles for you...
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorydenial of serviceimportant

openSUSE: 2024:0729-1 Important: Nodejs16 Denial of Service Attack

This update for nodejs16 fixes the following issues: Security issues fixed:. # Security update for nodejs16 Announcement ID: SUSE-SU-2024:0729-1 Rating: important References: * bsc#1219993 * bsc#1219997 * bsc#1220014 * bsc#1220017 * bsc#1220053 Cross-References: * CVE-2023-46809 * CVE-2024-22019 * CVE-2024-22025 * CVE-2024-24758 * CVE-2024-24806 CVSS scores: * CVE-2023-46809 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-22019 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24758 ( SUSE ): 3.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L * CVE-2024-24806 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-24806 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves five vulnerabilities can now be installed. ## Description: This update for nodejs16 fixes the following issues: Security issues fixed: * CVE-2023-46809: Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) (bsc#1219997). * CVE-2024-22019: http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks (bsc#1219993). * CVE-2024-22025: Denial of Service by resource exhaustion in fetch() brotli decoding (bsc#1220014). * CVE-2024-24758: ignore proxy-authorization header (bsc#1220017). * CVE-2024-24806: fix improper domain lookup that potentially leads to SSRF attacks (bsc#1219724). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively youcan run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-729=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-729=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-729=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-729=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-729=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * corepack16-16.20.2-150300.7.33.1 * npm16-16.20.2-150300.7.33.1 * nodejs16-debugsource-16.20.2-150300.7.33.1 * nodejs16-devel-16.20.2-150300.7.33.1 * nodejs16-debuginfo-16.20.2-150300.7.33.1 * nodejs16-16.20.2-150300.7.33.1 * openSUSE Leap 15.3 (noarch) * nodejs16-docs-16.20.2-150300.7.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * npm16-16.20.2-150300.7.33.1 * nodejs16-debugsource-16.20.2-150300.7.33.1 * nodejs16-devel-16.20.2-150300.7.33.1 * nodejs16-debuginfo-16.20.2-150300.7.33.1 * nodejs16-16.20.2-150300.7.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * nodejs16-docs-16.20.2-150300.7.33.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * npm16-16.20.2-150300.7.33.1 * nodejs16-debugsource-16.20.2-150300.7.33.1 * nodejs16-devel-16.20.2-150300.7.33.1 * nodejs16-debuginfo-16.20.2-150300.7.33.1 * nodejs16-16.20.2-150300.7.33.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * nodejs16-docs-16.20.2-150300.7.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * npm16-16.20.2-150300.7.33.1 * nodejs16-debugsource-16.20.2-150300.7.33.1 * nodejs16-devel-16.20.2-150300.7.33.1 *nodejs16-debuginfo-16.20.2-150300.7.33.1 * nodejs16-16.20.2-150300.7.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * nodejs16-docs-16.20.2-150300.7.33.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * npm16-16.20.2-150300.7.33.1 * nodejs16-debugsource-16.20.2-150300.7.33.1 * nodejs16-devel-16.20.2-150300.7.33.1 * nodejs16-debuginfo-16.20.2-150300.7.33.1 * nodejs16-16.20.2-150300.7.33.1 * SUSE Enterprise Storage 7.1 (noarch) * nodejs16-docs-16.20.2-150300.7.33.1 ## References: * https://www.suse.com/security/cve/CVE-2023-46809.html * https://www.suse.com/security/cve/CVE-2024-22019.html * https://www.suse.com/security/cve/CVE-2024-22025.html * https://www.suse.com/security/cve/CVE-2024-24758.html * https://www.suse.com/security/cve/CVE-2024-24806.html * https://bugzilla.suse.com/show_bug.cgi?id=1219993 * https://bugzilla.suse.com/show_bug.cgi?id=1219997 * https://bugzilla.suse.com/show_bug.cgi?id=1220014 * https://bugzilla.suse.com/show_bug.cgi?id=1220017 * https://bugzilla.suse.com/show_bug.cgi?id=1220053 . An important enhancement for nodejs16 addresses critical vulnerabilities in multiple SUSE distributions to improve overall security.. OpenSUSE Security Advisory, Nodejs16 Update, Important Nodejs Security, Denial of Service Fix, SSRF Vulnerability. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Mar 01, 2024 Important OpenSUSE
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisoryimportantdevelopment tools

openSUSE 15.4, 15.5: 2023:3841-1 Important: Go1.19 OpenSSL Security Fix

This update for go1.19-openssl fixes the following issues: Update to version 1.19.13 (bsc#1200441).. # Security update for go1.19-openssl Announcement ID: SUSE-SU-2023:3841-1 Rating: important References: * #1200441 * #1213229 * #1213880 * #1215090 Cross-References: * CVE-2023-29406 * CVE-2023-29409 CVSS scores: * CVE-2023-29406 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2023-29406 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2023-29409 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-29409 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Development Tools Module 15-SP4 * Development Tools Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities and has two security fixes can now be installed. ## Description: This update for go1.19-openssl fixes the following issues: Update to version 1.19.13 (bsc#1200441). * CVE-2023-29409: Fixed unrestricted RSA keys in certificates (bsc#1213880). * CVE-2023-29406: Fixed insufficient sanitization of Host header (bsc#1213229). The following non-security bug was fixed: * Add missing directory pprof html asset directory to package (bsc#1215090). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch openSUSE-SLE-15.4-2023-3841=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2023-3841=1 * Development Tools Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2023-3841=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2023-3841=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * go1.19-openssl-doc-1.19.13.1-150000.1.8.1 * go1.19-openssl-1.19.13.1-150000.1.8.1 * go1.19-openssl-race-1.19.13.1-150000.1.8.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * go1.19-openssl-doc-1.19.13.1-150000.1.8.1 * go1.19-openssl-1.19.13.1-150000.1.8.1 * go1.19-openssl-race-1.19.13.1-150000.1.8.1 * Development Tools Module 15-SP4 (aarch64 ppc64le s390x x86_64) * go1.19-openssl-doc-1.19.13.1-150000.1.8.1 * go1.19-openssl-1.19.13.1-150000.1.8.1 * go1.19-openssl-race-1.19.13.1-150000.1.8.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * go1.19-openssl-doc-1.19.13.1-150000.1.8.1 * go1.19-openssl-1.19.13.1-150000.1.8.1 * go1.19-openssl-race-1.19.13.1-150000.1.8.1 ## References: * https://www.suse.com/security/cve/CVE-2023-29406.html * https://www.suse.com/security/cve/CVE-2023-29409.html * https://bugzilla.suse.com/show_bug.cgi?id=1200441 * https://bugzilla.suse.com/show_bug.cgi?id=1213229 * https://bugzilla.suse.com/show_bug.cgi?id=1213880 * https://bugzilla.suse.com/show_bug.cgi?id=1215090 . The recent release of go1.19-openssl addresses severe vulnerabilities, such as improper key management and inadequate host header validation.. SUSE OpenSSL Fixes, Security Update, Development Tools Module, Go1.19 OpenSSL, SUSE Security Advisory. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Sep 27, 2023 Important OpenSUSE
Banner 2 1028x280 1708121730 1 1771599631
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorysecurity fiximportant

openSUSE Leap 15.2: 2020:1536-1 Important: rubygem-actionpack Fix

An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for rubygem-actionpack-5_1 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2020:1536-1 Rating: important References: #1172177 Cross-References: CVE-2020-8164 Affected Products: openSUSE Leap 15.2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for rubygem-actionpack-5_1 fixes the following issues: - CVE-2020-8164: Possible Strong Parameters Bypass in ActionPack. There is a strong parameters bypass vector in ActionPack. (bsc#1172177) This update was imported from the SUSE:SLE-15:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.2: zypper in -t patch openSUSE-2020-1536=1 Package List: - openSUSE Leap 15.2 (x86_64): ruby2.5-rubygem-actionpack-5_1-5.1.4-lp152.5.3.1 ruby2.5-rubygem-actionpack-doc-5_1-5.1.4-lp152.5.3.1 References: https://www.suse.com/security/cve/CVE-2020-8164.html https://bugzilla.suse.com/1172177 -- . Addresses a critical security loophole in rubygem-actionpack through a significant update for openSUSE Leap 15.2.. openSUSE Security,rubygem-actionpack update,strong parameters bypass fix,actionpack vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Sep 26, 2020 Important OpenSUSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here