Alerts This Week
Warning Icon 1 687
Alerts This Week
Warning Icon 1 687

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":546,"type":"x","order":1,"pct":78.45,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.31,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.36,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 1 articles for you...
98
Ls Advisories Redhat Esm H240
Price Tag 1security advisorysecurity updatebug fix

Red Hat Enterprise Linux 9 RHSA-2022:8100 Low: swtpm Security Update

An update for swtpm is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Low: swtpm security and bug fix update Advisory ID: RHSA-2022:8100-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:8100 Issue date: 2022-11-15 CVE Names: CVE-2022-23645 ==================================================================== 1. Summary: An update for swtpm is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 9) - aarch64, s390x, x86_64 3. Description: SWTPM is a TPM emulator built on libtpms providing TPM functionality for QEMU VMs. Security Fix(es): * swtpm: Unchecked header size indicator against expected size (CVE-2022-23645) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2056491 - CVE-2022-23645 swtpm:Unchecked header size indicator against expected size 2090219 - Not able to install windows 11 OS with vTPM in spec (disable FIPS) 6. Package List: Red Hat Enterprise Linux AppStream (v. 9): Source: swtpm-0.7.0-3.20211109gitb79fd91.el9.src.rpm aarch64: swtpm-0.7.0-3.20211109gitb79fd91.el9.aarch64.rpm swtpm-debuginfo-0.7.0-3.20211109gitb79fd91.el9.aarch64.rpm swtpm-debugsource-0.7.0-3.20211109gitb79fd91.el9.aarch64.rpm swtpm-libs-0.7.0-3.20211109gitb79fd91.el9.aarch64.rpm swtpm-libs-debuginfo-0.7.0-3.20211109gitb79fd91.el9.aarch64.rpm swtpm-tools-0.7.0-3.20211109gitb79fd91.el9.aarch64.rpm swtpm-tools-debuginfo-0.7.0-3.20211109gitb79fd91.el9.aarch64.rpm s390x: swtpm-0.7.0-3.20211109gitb79fd91.el9.s390x.rpm swtpm-debuginfo-0.7.0-3.20211109gitb79fd91.el9.s390x.rpm swtpm-debugsource-0.7.0-3.20211109gitb79fd91.el9.s390x.rpm swtpm-libs-0.7.0-3.20211109gitb79fd91.el9.s390x.rpm swtpm-libs-debuginfo-0.7.0-3.20211109gitb79fd91.el9.s390x.rpm swtpm-tools-0.7.0-3.20211109gitb79fd91.el9.s390x.rpm swtpm-tools-debuginfo-0.7.0-3.20211109gitb79fd91.el9.s390x.rpm x86_64: swtpm-0.7.0-3.20211109gitb79fd91.el9.x86_64.rpm swtpm-debuginfo-0.7.0-3.20211109gitb79fd91.el9.x86_64.rpm swtpm-debugsource-0.7.0-3.20211109gitb79fd91.el9.x86_64.rpm swtpm-libs-0.7.0-3.20211109gitb79fd91.el9.x86_64.rpm swtpm-libs-debuginfo-0.7.0-3.20211109gitb79fd91.el9.x86_64.rpm swtpm-tools-0.7.0-3.20211109gitb79fd91.el9.x86_64.rpm swtpm-tools-debuginfo-0.7.0-3.20211109gitb79fd91.el9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2022-23645 https://access.redhat.com/security/updates/classification#low https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.1_release_notes/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGPSIGNATURE----- Version: GnuPG v1 iQIVAwUBY3OMXtzjgjWX9erEAQgHDA/+OMR2sFGbdP6hED6vJ/mp7wcx8xDO2fcl lUsbNs1WXDZ8N0ZFoQNN/iqXOE4f3YtliWHcFQOcacIyTAyev8469r4lTRHK5+RV KcQOOvdvVeibxvjR1bQS5hMZET+FWxfcQawVkTZjse6Osef6I3GF7VD5QoSbDI2B Lgj9SdvshnG2goTyLpwE9ZFUIyUhWy1CVDEGOFoeLk1zkJFMerkWb/FeQa2yCOxZ hPx1d3NIOH6V+bYYRl1owf9SpS/DhQJ7sCsay3zwz8uzjqzSX3x2cnj1U1LgCQ66 RkP3T1CHY9uRd3T7WT0oAGj4uodtXjf8+64ZgNBKqtv/2Ls7aZciIvRb1xwNVGc2 fOTSdv3zRPBwoIlxRiCxuqr5kDj3+9b9rGu1xqkedEt+736XaBcQ6uD6gHjFS41R 2KWxQ/Db0DetUyZc99atVs9YcP5YPqI+XbQWNJaGPmLR3JaZ8JAQTNEQWAKMXQD/ EPnoPYY8sgmZGDnzZb04IcnYIfvzj3DLWm0JB3cORwawvL1SulFhoikEuJ9DEKPG uIhE1nwHfGUlMmIMAbk0dPzoDt80gZMr4nHlWfEUOwCUQrQw6O67Nr9JNd32bwAW T77tKs+HriSXYQ9isoaGFnlVsVH965tEte1pHna3YqNznR3GC6Hh072gfJXWf/qx XpYcV7g6aB0=l7Di -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . A new version of swtpm has been released for Red Hat Enterprise Linux 9, featuring minor security patches and additional information included.. Red Hat Enterprise Linux,swtpm update,security patch,bug fix. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Nov 15, 2022 Low Red Hat
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryupdateissue

SUSE Linux Enterprise: 2022:1297-1 Low Severity: swtpm Update Available

An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for swtpm ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:1297-1 Rating: low References: #1196240 Cross-References: CVE-2022-23645 CVSS scores: CVE-2022-23645 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: SUSE Linux Enterprise High Performance Computing 15-SP3 SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Module for Server Applications 15-SP3 SUSE Linux Enterprise Server 15-SP3 SUSE Linux Enterprise Server for SAP Applications 15-SP3 SUSE Manager Proxy 4.2 SUSE Manager Server 4.2 openSUSE Leap 15.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for swtpm fixes the following issues: - Update to version 0.5.3 - CVE-2022-23645: Check header size indicator against expected size (bsc#1196240). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-1297=1 - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-1297=1 - SUSE Linux Enterprise Module for Server Applications 15-SP3: zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-1297=1 - SUSE Linux Enterprise Micro 5.1: zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-1297=1 Package List: - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): swtpm-0.5.3-150300.3.3.1 swtpm-debuginfo-0.5.3-150300.3.3.1 swtpm-debugsource-0.5.3-150300.3.3.1 swtpm-devel-0.5.3-150300.3.3.1 - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): swtpm-0.5.3-150300.3.3.1 swtpm-debuginfo-0.5.3-150300.3.3.1 swtpm-debugsource-0.5.3-150300.3.3.1 swtpm-devel-0.5.3-150300.3.3.1 - SUSE Linux Enterprise Module for Server Applications 15-SP3 (aarch64 ppc64le s390x x86_64): swtpm-0.5.3-150300.3.3.1 swtpm-debuginfo-0.5.3-150300.3.3.1 swtpm-debugsource-0.5.3-150300.3.3.1 swtpm-devel-0.5.3-150300.3.3.1 - SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64): swtpm-0.5.3-150300.3.3.1 swtpm-debuginfo-0.5.3-150300.3.3.1 swtpm-debugsource-0.5.3-150300.3.3.1 References: https://www.suse.com/security/cve/CVE-2022-23645.html https://bugzilla.suse.com/1196240 . SUSE has issued a security patch for swtpm to rectify a minor concern regarding the installation guidelines for its users.. SUSE Linux, swtpm patch, security update. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Apr 21, 2022 Low SuSE
Banner 2 1028x280 1708121730 1 1771599631
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisorysoftware updatemoderate threat

Mageia 8 Moderate: 2022-0112 Out-Of-Bounds Access in swtpm

swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an out-of-bounds access when the byte array representing the state . MGASA-2022-0112 - Updated swtpm packages fix security vulnerability Publication date: 23 Mar 2022 URL: https://advisories.mageia.org/MGASA-2022-0112.html Type: security Affected Mageia releases: 8 CVE: CVE-2022-23645 swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an out-of-bounds access when the byte array representing the state of the TPM is accessed. This will likely crash swtpm or prevent it from starting since the state cannot be understood. Users should upgrade to swtpm v0.5.3, v0.6.2, or v0.7.1 to receive a patch. There are currently no known workarounds. (CVE-2022-23645) References: - https://bugs.mageia.org/show_bug.cgi?id=30125 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/WL735FW266GO4C2JX4CJBOIOB7R7AY5A/ - https://www.cve.org/CVERecord?id=CVE-2022-23645 SRPMS: - 8/core/swtpm-0.7.1-1.mga8 . Recent swtpm releases tackle a critical out-of-bounds vulnerability present in Mageia 8. To maintain security, it is essential to update to the patched versions.. Mageia Security Advisory, swtpm Fix, Out-Of-Bounds Update. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Mar 23, 2022 Important Mageia
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedorabuffer overflow

Ubuntu 21.10: 2022-34b21e8a2f Major: libxml Update for Security

Update to v0.7.1 release; Fix of CVE-2022-23645. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-12443a525c 2022-03-05 18:30:05.083731 --------------------------------------------------------------------------------Name : swtpm Product : Fedora 35 Version : 0.7.1 Release : 1.20220218git92a7035.fc35 URL : https://github.com/stefanberger/swtpm Summary : TPM Emulator Description : TPM emulator built on libtpms providing TPM functionality for QEMU VMs --------------------------------------------------------------------------------Update Information: Update to v0.7.1 release; Fix of CVE-2022-23645 --------------------------------------------------------------------------------ChangeLog: * Fri Feb 18 2022 Stefan Berger - 0.7.1-1.20220218git92a7035 - Update to v0.7.1 release --------------------------------------------------------------------------------References: [ 1 ] Bug #2056493 - CVE-2022-23645 swtpm: Unchecked header size indicator against expected size [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2056493 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-12443a525c' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct:https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . The latest Fedora 35 update features swtpm version 0.7.1, which addresses CVE-2022-23645, thereby improving the security functionalities of the TPM emulator.. Fedora Update,swtpm Security,TPM Emulator. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Mar 05, 2022 Critical Fedora
Banner 2 1028x280 1708121730 1 1771599631
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedorasoftware release

Fedora 34: 2022-087b1b4d2d Critical: swtpm 0.6.2 TPM Emulator

Update to v0.6.2 release. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-087b1b4d2d 2022-03-05 18:10:53.901356 --------------------------------------------------------------------------------Name : swtpm Product : Fedora 34 Version : 0.6.2 Release : 1.20220218git23b78c0.fc34 URL : https://github.com/stefanberger/swtpm Summary : TPM Emulator Description : TPM emulator built on libtpms providing TPM functionality for QEMU VMs --------------------------------------------------------------------------------Update Information: Update to v0.6.2 release --------------------------------------------------------------------------------ChangeLog: * Fri Feb 18 2022 Stefan Berger - 0.6.2-1.20220218git23b78c0 - Update to v0.6.2 release --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-087b1b4d2d' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Swtpm v0.6.2 has been launched for Fedora34, enhancing TPM capabilities for QEMU virtual machines.. Fedora TPM Emulator Update, swtpm Release, TPM Functionality. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Mar 05, 2022 Critical Fedora
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisorybuffer overflowaccess breach

Mageia 2021-0590 Critical: Libtpms/Swtpm Security Issues Resolved

CryptSym: fix AES output IV (CVE-2021-3505). Fixed a context save and suspend/resume problem when public keys are loaded. Reset too large size indicators in TPM2B to avoid access beyond buffer (CVE-2021-3623) . MGASA-2021-0590 - Updated libtpms/swtpm packages fix security vulnerability Publication date: 30 Dec 2021 URL: https://advisories.mageia.org/MGASA-2021-0590.html Type: security Affected Mageia releases: 8 CVE: CVE-2021-3446, CVE-2021-3505, CVE-2021-3623, CVE-2021-3746 CryptSym: fix AES output IV (CVE-2021-3505). Fixed a context save and suspend/resume problem when public keys are loaded. Reset too large size indicators in TPM2B to avoid access beyond buffer (CVE-2021-3623) Restore original value in buffer if unmarshalled one was illegal Fixed out-of-bounds access via specially crafted TPM 2 command packets (CVE-2021-3746) Marshal event sequence objects' hash state References: - https://bugs.mageia.org/show_bug.cgi?id=28882 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./message/NUCZX4S53TUNTSGTCRDNOQZV2V2RI4RJ/ - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/46YMIRHQHNKPCVNRVW4W27MFQQU7ZHHV/ - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/Z7KZSYMTE7Z4BBEZUWO2DIMQDWMGEP46/ - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/DZI42OR3JUEGWRKEVCOHL2FPTJVYCYBT/ - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/7UCZ7AV2UKWYYCNZ2NLLXW7QYCX7K337/ - - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/YVJSXDXD44WDR4VA2XL33IZDJTBGRXP7/ - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/7E3B6T5RBDKAWETDTW3WPORY3NK5IR46/ - https://www.cve.org/CVERecord?id=CVE-2021-3446 - https://www.cve.org/CVERecord?id=CVE-2021-3505 - https://www.cve.org/CVERecord?id=CVE-2021-3623 -https://www.cve.org/CVERecord?id=CVE-2021-3746 SRPMS: - 8/core/libtpms-0.9.1-1.mga8 - 8/core/swtpm-0.7.0-5.mga8 . Mageia 2021-0591 addresses severe vulnerabilities in libtpms/swtpm for version 8, bolstering security measures.. libtpms update, swtpm security, Mageia vulnerability, access control fix, buffer management. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Dec 30, 2021 Critical Mageia
Banner 2 1028x280 1708121730 1 1771599631
198
Ls Advisories Archlinux Esm H240
Price Tag 1security advisorysoftware updateprivilege escalation

Debian: DSA-2020-1234 High Severity: Vulnerability in libxml Library

The package swtpm before version 0.5.1-1 is vulnerable to privilege escalation. . Arch Linux Security Advisory ASA-202011-21 ========================================= Severity: Medium Date : 2020-11-19 CVE-ID : CVE-2020-28407 Package : swtpm Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-1282 Summary ====== The package swtpm before version 0.5.1-1 is vulnerable to privilege escalation. Resolution ========= Upgrade to 0.5.1-1. # pacman -Syu "swtpm> =0.5.1-1" The problem has been fixed upstream in version 0.5.1. Workaround ========= None. Description ========== A potential symbolic link following issue has been found in swtpm before 0.5.1. Impact ===== A malicious file might trick the program to overwrite files and escalate priviledges. References ========= https://github.com/stefanberger/swtpm/compare/v0.5.0...v0.5.1 https://github.com/stefanberger/swtpm/commit/e9c9778d5c35ef077aed1ec6601b47ac478f8185 https://github.com/stefanberger/swtpm/commit/4cc42c0ba3632a98ef381bda68d0a4eaec4578db https://github.com/stefanberger/swtpm/commit/634b6294000fb785b9f12e13b852c18a0888b01e https://github.com/stefanberger/swtpm/commit/a03cbadd087b2602412823f254ac75a9a12d97e3 https://github.com/stefanberger/swtpm/commit/526300236dc8a7664acdc265b6fc5d767289ac39 https://github.com/stefanberger/swtpm/commit/e621b21d4c31029ebe794350fcff2bcd4b0f13a0 https://security.archlinux.org/CVE-2020-28407 . Fedora Linux Security Notice FLSA-202101-20 describes a critical vulnerability that allows unauthorized access to system resources in httpd versions before 2.4.46.. Privilege Escalation, Arch Linux, Software Update. . Severity: Medium. LinuxSecurity.com Team

Calendar 2 Nov 29, 2020 Medium ArchLinux
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedoraDoS

Fedora 33: FEDORA-2020-00d28cf56b Critical: swtpm Symlink Attack

Another build of v0.5.1 after more fixes. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-00d28cf56b 2020-11-27 01:20:50.552915 --------------------------------------------------------------------------------Name : swtpm Product : Fedora 33 Version : 0.5.1 Release : 2.20201117git96f5a04.fc33 URL : https://github.com/stefanberger/swtpm Summary : TPM Emulator Description : TPM emulator built on libtpms providing TPM functionality for QEMU VMs --------------------------------------------------------------------------------Update Information: Another build of v0.5.1 after more fixes --------------------------------------------------------------------------------ChangeLog: * Fri Nov 13 2020 Stefan Berger - 0.5.1-2.20201117git96f5a04c - Another build of v0.5.1 after more fixes * Fri Nov 13 2020 Stefan Berger - 0.5.1-1.20201113git390f5bd4 - Update to v0.5.1 addressing potential symlink attack issue (CVE-2020-28407) --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-00d28cf56b' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Announcement for Fedora 33 concerning swtpm TPM Emulator, contains further corrections and important update details.. Fedora Update, TPM Emulator, swtpm, Software Update, Linux Security. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Nov 26, 2020 Critical Fedora
Banner 2 1028x280 1708121730 1 1771599631
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":546,"type":"x","order":1,"pct":78.45,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.31,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.36,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here