Alerts This Week
Warning Icon 1 697
Alerts This Week
Warning Icon 1 697

Stay Secure with the Latest Linux Advisories

Debianlts Large Esm H800
Debian LTS

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Calendar White Jun 05, 2026
Important
Debianlts Large Esm H900
Debian LTS

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

Calendar White Jun 05, 2026
Critical
Suse Large Esm H900
SuSE

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H800
SuSE

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

Calendar White Jun 05, 2026
Important
Suse Large Esm H900
SuSE

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Calendar White Jun 05, 2026
Important
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":547,"type":"x","order":1,"pct":78.48,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.88,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.34,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -4 articles for you...
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryFedorabugfix

Fedora 41: FEDORA-2024-40d4ab1c94 vulnerability in golang-github-task

Bugfix to mitigate CVE-2023-46402. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-40d4ab1c94 2024-12-19 04:06:20.748258+00:00 -------------------------------------------------------------------------------- Name : golang-github-task Product : Fedora 41 Version : 3.40.1 Release : 1.fc41 URL : https://github.com/go-task/task Summary : A task runner / simpler Make alternative written in Go Description : A task runner / simpler Make alternative written in Go. -------------------------------------------------------------------------------- Update Information: Bugfix to mitigate CVE-2023-46402 -------------------------------------------------------------------------------- ChangeLog: * Sat Dec 7 2024 Mark E. Fuller - 3.40.1-1 - update to v3.40.1 to address CVE-2023-46402, close rhbz#2330797 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-40d4ab1c94' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam,report it: https://pagure.io/fedora-infrastructure/new_issue . Fedora 41 patch resolves CVE-2023-46403 in golang-github-plan to improve protection and correct issues.. Fedora 41 security update,golang-github-task update,CVE-2023-46402 mitigation. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Dec 19, 2024 Important Fedora
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisoryupdateDebian

Debian 10: DLA-3383-1 Moderate: GruntJS Local Escalation

It was discovered that there was a potential local privilege escalation in GruntJS, a multipurpose task runner and build system tool. . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3383-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Chris Lamb April 05, 2023 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : grunt Version : 1.0.1-8+deb10u2 CVE ID : CVE-2022-1537 It was discovered that there was a potential local privilege escalation in GruntJS, a multipurpose task runner and build system tool. file.copy operations in GruntJS were vulnerable to a TOCTOU ("time-of-check vs. time-of-use") race condition that could have led to arbitrary file writes in GitHub repositories. This could have then led to local privilege escalation if a lower-privileged user had write access to both source and destination directories, as the lower-privileged user could have created a symlink to the GruntJS user's ~/.bashrc configuration file (etc). For Debian 10 buster, this problem has been fixed in version 1.0.1-8+deb10u2. We recommend that you upgrade your grunt packages. For the detailed security status of grunt please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/grunt Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Debian LTS Advisory DLA-3384-1 resolves a local privilege escalation vulnerability in GulpJS. It is advised to upgrade to ensure protection.. Debian Security Update, GruntJS Advisory, Local Privilege Escalation. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Apr 05, 2023 Important Debian LTS
Banner 2 1028x280 1708121730 1 1771599631
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorymoderatefedora

Fedora 36: 2022-37aef44d1e Moderate: Golang-Task Update (CVE Mitigation)

Rebuild to mitigate CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang --- See https://groups.google.com/g/golang-dev/c/frczlF8OFQ0/m/4lrZh5BHDgAJ for more information about the specific vulnerabilities. ---- enable s390x build (rhbz#1971028). --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-37aef44d1e 2022-07-30 01:52:05.591856 --------------------------------------------------------------------------------Name : golang-github-task Product : Fedora 36 Version : 3.14.0 Release : 3.fc36 URL : https://github.com/go-task/task Summary : A task runner / simpler Make alternative written in Go Description : A task runner / simpler Make alternative written in Go. --------------------------------------------------------------------------------Update Information: Rebuild to mitigate CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang ---See https://groups.google.com/g/golang-dev/c/frczlF8OFQ0/m/4lrZh5BHDgAJ for more information about the specific vulnerabilities. ---- enable s390x build (rhbz#1971028) --------------------------------------------------------------------------------ChangeLog: * Tue Jul 19 2022 Maxwell G - 3.14.0-3 - Rebuild for CVE-2022-{1705,32148,30631,30633,28131,30635,30632,30630,1962} in golang --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-37aef44d1e' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Addressing various CVEs in golang-github-task on Fedora 36 to improve security and support s390x architecture.. Golang Task Update, Fedora Security, CVE Fix, Task Runner Security. . LinuxSecurity.com Team

Calendar 2 Jul 29, 2022 Fedora
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisorydenial of servicecritical

Fedora 35 FEDORA-2022-3969b64d4b Critical: Golang Task Runner Issues

Rebuild for CVE-2022-{24675,28327,29526} in golang and other go ecosystem CVEs --- This contains the result from the mass rebuild in F35 for all packages that require `golang` and provide binaries to mitigate the following CVEs: `golang` itself: - CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode - CVE-2022-28327 golang: crypto/elliptic: panic caused by oversized scalar -. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-3969b64d4b 2022-07-17 00:57:11.020145 --------------------------------------------------------------------------------Name : golang-github-task Product : Fedora 35 Version : 3.14.0 Release : 2.fc35 URL : https://github.com/go-task/task Summary : A task runner / simpler Make alternative written in Go Description : A task runner / simpler Make alternative written in Go. --------------------------------------------------------------------------------Update Information: Rebuild for CVE-2022-{24675,28327,29526} in golang and other go ecosystem CVEs --- This contains the result from the mass rebuild in F35 for all packages that require `golang` and provide binaries to mitigate the following CVEs: `golang` itself: - CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode -CVE-2022-28327 golang: crypto/elliptic: panic caused by oversized scalar -CVE-2022-29526 golang: syscall: faccessat checks wrong group (There are some Go CVEs that are a little bit older that will also be mitigated by the rebuild for packages that haven't been updated recently) CVEs in other golang libraries that affect a subset of Go packages: - CVE-2022-21698 golang-github-prometheus-client: prometheus/client_golang: Denial of service using InstrumentHandlerCounter - CVE-2022-1996 go-restful: Authorization Bypass Through User-Controlled Key ---- Initial import for golang-github-a8m-envsubst Resolves: rhbz#2074406 ---- Initial package Resolves: rhbz#2074438 ----Update to v3.14.0 (close rhbz#2105612) ---- Fix merge ---- Update to 1.22.1 - Close: rhbz#2077577 --------------------------------------------------------------------------------ChangeLog: * Sat Jul 9 2022 Maxwell G - 3.14.0-2 - Rebuild for CVE-2022-{24675,28327,29526 in golang} * Sat Jul 9 2022 Mark E. Fuller - 3.14.0-1 - Update to v3.14.0 (close rhbz#2105612) - Reenable tests on recommendation of upstream --------------------------------------------------------------------------------References: [ 1 ] Bug #2074406 - Review Request: golang-github-a8m-envsubst - Environment variables substitution for Go https://bugzilla.redhat.com/show_bug.cgi?id=2074406 [ 2 ] Bug #2074438 - Review Request: golang-github-goccy-yaml - YAML support for the Go language https://bugzilla.redhat.com/show_bug.cgi?id=2074438 [ 3 ] Bug #2077577 - powerline-go-1.22.1 is available https://bugzilla.redhat.com/show_bug.cgi?id=2077577 [ 4 ] Bug #2105612 - golang-github-task-3.14.0 is available https://bugzilla.redhat.com/show_bug.cgi?id=2105612 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-3969b64d4b' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Fedora 35 introduces important updates for Go packages, addressing key vulnerabilities affecting task runners. These changes enhance functionality and boost security.. Fedora Updates, Golang Security, Task Runner Vulnerability, Golang Fixes. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Jul 16, 2022 Critical Fedora
Banner 2 1028x280 1708121730 1 1771599631
197
Ls Advisories Deblts Esm H240
Price Tag 1security advisorycode executiondebian

Debian 9 Security Advisory DLA-2368-1: Grunt Code Execution Threat

It was discovered that there was a arbitrary code execution vulnerability in grunt, a Javascript task runner. This was possible due to the unsafe loading of YAML documents. . - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2368-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/lts/security/ Chris Lamb September 09, 2020 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : grunt Version : 1.0.1-5+deb9u1 CVE ID : CVE-2020-7729 Debian Bug : #969668 It was discovered that there was a arbitrary code execution vulnerability in grunt, a Javascript task runner. This was possible due to the unsafe loading of YAML documents. For Debian 9 "Stretch", this problem has been fixed in version 1.0.1-5+deb9u1. We recommend that you upgrade your grunt packages. For the detailed security status of grunt please refer to its security tracker page at: https://security-tracker.debian.org/tracker/source-package/grunt Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Ubuntu Security Notice USN-1234-1 resolves a security vulnerability in npm arising from improper handling of JSON files.. Debian Security, Arbitrary Code Execution, Grunt Vulnerability, LTS Update, Security Advisory. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Sep 09, 2020 Critical Debian LTS
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":547,"type":"x","order":1,"pct":78.48,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.3,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.88,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.34,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here